Incident Response

Vulnerability reporting

To help facilitate the vulnerability reporting process, please follow the guidelines below. These steps ensure the integrity of the Snapdocs platform and our other related products. If you are a Snapdocs customer, please contact your account representative for details. If you encounter a vulnerability in one of our products, we encourage you to report it by submitting a ticket to our security team with the details listed below.

Please provide the following information:

Type of issue (buffer overflow, SQL injection, cross-site scripting, etc.)
Product that contains the bug (Lender Application, Settlement or Title Application, etc.)
Any special configuration required to reproduce the issue
Step-by-step instructions to reproduce the issue
Proof-of-concept or exploit code (if any)
Impact of the issue, including how an attacker could exploit the issue

Snapdocs does not allow penetration testing of Snapdocs-managed cloud products without prior authorization.

Please note: any Amazon Web Services (AWS) vulnerabilities should be reported to AWS by visiting their Vulnerability Reporting site.

Acknowledge

Snapdocs is committed to acknowledging, responding, and remediating the reported issue and keeping you informed as we work to address your security concerns.

Responsive

You will receive a personal acknowledgment within the first 24 hours and daily updates on progress.

Report

In the spirit of responsible disclosure, Snapdocs will notify potentially impacted customers when any vulnerability is addressed—or when they must take action.

Recognition

Our policy is to acknowledge and credit researchers in any advisory we submit when a fix is issued for the reported security vulnerability.

TRUST > Incident Reporting

Noticed something? Let us know!