Vulnerability Disclosure Policy

This policy gives security researchers a point of contact to directly submit their research findings if they believe they have found a potential security vulnerability within PI Data Analytics.

About this policy

The security of PI Data Analytics’s systems is a top priority and we take every care to keep them secure. Despite our efforts, there may still be vulnerabilities.

PI Data Analytics is keen to engage with the security community. This policy allows security researchers to share their findings with PI Data Analytics. If you think you have found a potential vulnerability in a PI Data Analytics system, service or product, please tell us as quickly as possible.

We do not provide compensation for finding potential or confirmed vulnerabilities, nor do we publish the names or details of researchers that have provided vulnerabilities.

What this policy covers

This policy covers:

any product or service wholly owned by PI Data Analytics to which you have lawful access
any product or service wholly owned by one of PI Data Analytics’s portfolio agencies to which you have lawful access.

This policy does not cover:

clickjacking
social engineering or phishing
weak or insecure SSL ciphers and certificates
denial of Service (DoS)
physical attacks
attempts to modify or destroy data.

How to report a vulnerability

To report a vulnerability, please use PI Data Analytics’s contact form. Provide enough detail that we can reproduce your steps.

If you report a vulnerability under this policy, please keep it confidential. Do not make your research public until PI Data Analytics has finished investigating and fixed or mitigated the vulnerability.

What happens next

PI Data Analytics will:

respond to your report within 5 business days.
keep you informed of our progress.
agree upon a date for public disclosure, if required.

Vulnerability Report Form

Please tell us about the vulnerability

About You

Your Name(Required)
Your Address
  • Afghanistan
  • Albania
  • Algeria
  • American Samoa
  • Andorra
  • Angola
  • Anguilla
  • Antarctica
  • Antigua and Barbuda
  • Argentina
  • Armenia
  • Aruba
  • Australia
  • Austria
  • Azerbaijan
  • Bahamas
  • Bahrain
  • Bangladesh
  • Barbados
  • Belarus
  • Belgium
  • Belize
  • Benin
  • Bermuda
  • Bhutan
  • Bolivia
  • Bonaire, Sint Eustatius and Saba
  • Bosnia and Herzegovina
  • Botswana
  • Bouvet Island
  • Brazil
  • British Indian Ocean Territory
  • Brunei Darussalam
  • Bulgaria
  • Burkina Faso
  • Burundi
  • Cabo Verde
  • Cambodia
  • Cameroon
  • Canada
  • Cayman Islands
  • Central African Republic
  • Chad
  • Chile
  • China
  • Christmas Island
  • Cocos Islands
  • Colombia
  • Comoros
  • Congo
  • Congo, Democratic Republic of the
  • Cook Islands
  • Costa Rica
  • Croatia
  • Cuba
  • Curaçao
  • Cyprus
  • Czechia
  • Côte d'Ivoire
  • Denmark
  • Djibouti
  • Dominica
  • Dominican Republic
  • Ecuador
  • Egypt
  • El Salvador
  • Equatorial Guinea
  • Eritrea
  • Estonia
  • Eswatini
  • Ethiopia
  • Falkland Islands
  • Faroe Islands
  • Fiji
  • Finland
  • France
  • French Guiana
  • French Polynesia
  • French Southern Territories
  • Gabon
  • Gambia
  • Georgia
  • Germany
  • Ghana
  • Gibraltar
  • Greece
  • Greenland
  • Grenada
  • Guadeloupe
  • Guam
  • Guatemala
  • Guernsey
  • Guinea
  • Guinea-Bissau
  • Guyana
  • Haiti
  • Heard Island and McDonald Islands
  • Holy See
  • Honduras
  • Hong Kong
  • Hungary
  • Iceland
  • India
  • Indonesia
  • Iran
  • Iraq
  • Ireland
  • Isle of Man
  • Israel
  • Italy
  • Jamaica
  • Japan
  • Jersey
  • Jordan
  • Kazakhstan
  • Kenya
  • Kiribati
  • Korea, Democratic People's Republic of
  • Korea, Republic of
  • Kuwait
  • Kyrgyzstan
  • Lao People's Democratic Republic
  • Latvia
  • Lebanon
  • Lesotho
  • Liberia
  • Libya
  • Liechtenstein
  • Lithuania
  • Luxembourg
  • Macao
  • Madagascar
  • Malawi
  • Malaysia
  • Maldives
  • Mali
  • Malta
  • Marshall Islands
  • Martinique
  • Mauritania
  • Mauritius
  • Mayotte
  • Mexico
  • Micronesia
  • Moldova
  • Monaco
  • Mongolia
  • Montenegro
  • Montserrat
  • Morocco
  • Mozambique
  • Myanmar
  • Namibia
  • Nauru
  • Nepal
  • Netherlands
  • New Caledonia
  • New Zealand
  • Nicaragua
  • Niger
  • Nigeria
  • Niue
  • Norfolk Island
  • North Macedonia
  • Northern Mariana Islands
  • Norway
  • Oman
  • Pakistan
  • Palau
  • Palestine, State of
  • Panama
  • Papua New Guinea
  • Paraguay
  • Peru
  • Philippines
  • Pitcairn
  • Poland
  • Portugal
  • Puerto Rico
  • Qatar
  • Romania
  • Russian Federation
  • Rwanda
  • Réunion
  • Saint Barthélemy
  • Saint Helena, Ascension and Tristan da Cunha
  • Saint Kitts and Nevis
  • Saint Lucia
  • Saint Martin
  • Saint Pierre and Miquelon
  • Saint Vincent and the Grenadines
  • Samoa
  • San Marino
  • Sao Tome and Principe
  • Saudi Arabia
  • Senegal
  • Serbia
  • Seychelles
  • Sierra Leone
  • Singapore
  • Sint Maarten
  • Slovakia
  • Slovenia
  • Solomon Islands
  • Somalia
  • South Africa
  • South Georgia and the South Sandwich Islands
  • South Sudan
  • Spain
  • Sri Lanka
  • Sudan
  • Suriname
  • Svalbard and Jan Mayen
  • Sweden
  • Switzerland
  • Syria Arab Republic
  • Taiwan
  • Tajikistan
  • Tanzania, the United Republic of
  • Thailand
  • Timor-Leste
  • Togo
  • Tokelau
  • Tonga
  • Trinidad and Tobago
  • Tunisia
  • Turkmenistan
  • Turks and Caicos Islands
  • Tuvalu
  • Türkiye
  • US Minor Outlying Islands
  • Uganda
  • Ukraine
  • United Arab Emirates
  • United Kingdom
  • United States
  • Uruguay
  • Uzbekistan
  • Vanuatu
  • Venezuela
  • Viet Nam
  • Virgin Islands, British
  • Virgin Islands, U.S.
  • Wallis and Futuna
  • Western Sahara
  • Yemen
  • Zambia
  • Zimbabwe
  • Åland Islands

How Can We Reach You?

How can we contact you to get further information and report back to you?
Email
  • Email
  • Phone
Your Email Address(Required)

What do you want to tell us?

Please let us know about your findings regarding a potential security vulnerability within the Comprara systems
Top