Responsible Disclosure Policy

Driverse is providing this service to help ensure a safe and secure environment for all users.

If external parties find any sensitive information, potential vulnerabilities, or weaknesses, please help by responsibly disclosing it to ResponsibleDisclosure@fullsteam.com .

This policy applies to Driverse hosted applications and to any other subdomains or services associated with products. Driverse does not accept reports for vulnerabilities which solely affect marketing websites (driverse.com) containing no sensitive data.

Security researchers must not:

• Engage in physical testing of facilities or resources.
• Engage in social engineering.
• Send unsolicited electronic mail to Driverse users, including phishing messages.
• Execute or attempt Denial of Service or Resource Exhaustion attacks.
• Introduce malicious software.
• Execute automated scans that could disrupt services.
• Test in a manner that degrades or impairs Driverse systems.
• Test third-party applications that integrate with Driverse systems.
• Delete, alter, share, retain, or destroy Driverse data.
• Use an exploit to exfiltrate data or establish persistent access.

Security researchers may:

• View or store Driverse nonpublic data only to the extent necessary to document a potential vulnerability.

Security researchers must:

• Cease testing and notify us immediately upon discovery of a vulnerability.
• Cease testing and notify us immediately upon discovery of exposure of nonpublic data.
• Purge any stored Driverse nonpublic data upon reporting a vulnerability.

Thank you for helping to keep Driverse and our users safe.