Responsible Disclosure Program
Last updated: August 13, 2025.
Taara Connect, Inc. (“Taara”) has a Responsible Disclosure Program to ensure the security and privacy of its systems, data, and users. Taara values the role of security researchers in identifying potential vulnerabilities.
OUR COMMITMENT
- Taara will acknowledge receipt of vulnerability reports in a timely manner.
- All legitimate reports will be investigated.
- Taara will make reasonable efforts to keep you informed on the progress of addressing the reported vulnerability.
- Legal action will not be taken against individuals who discover and report vulnerabilities in good faith and follow the program's guidelines.
GUIDELINES FOR RESPONSIBLE DISCLOSURE
When conducting security research and submitting reports, please follow these guidelines:
- Do not access, modify, or destroy user or company data without permission.
- Do not disrupt services or negatively impact the user experience.
- Do not engage in social engineering, phishing, or physical attacks.
- Do not use automated vulnerability scanners that create a high volume of traffic.
- Do not publicly disclose the vulnerability before Taara has had a reasonable opportunity to address it, which is a minimum of 90 days unless a different timeline is agreed upon
- Do provide a clear and detailed description of the vulnerability, including the type, affected area, steps to reproduce, potential impact, and suggested remediation.
- Do encrypt any sensitive information included in your report.
- Do ensure your research is conducted legally and ethically.
HOW TO REPORT
Submit vulnerability reports to security@taaraconnect.com.