The F2 Healthcare security team acknowledges the valuable role that independent security researchers play in internet security. As a result, we encourage responsible reporting of any vulnerabilities that may be found in our site or applications. F2 Healthcare is committed to working with security researchers to verify and address any potential vulnerabilities that are reported to us.
Please review these terms before you test and/or report a vulnerability. F2 Healthcare pledges not to initiate legal action against researchers for penetrating or attempting to penetrate our systems as long as they adhere to this policy.
At F2 Healthcare we investigate all received vulnerability reports and implement the best course of action in order to protect our customers. If you are a security researcher and have discovered a security vulnerability in our products, we appreciate your help in disclosing it to us in a responsible manner.
If you identify a verified vulnerability in compliance with F2’s Responsible Disclosure Policy, F2 Healthcare commits to:
Privately share details of the suspected vulnerability with F2 Healthcare by sending an email to email@example.com. Provide full details of the suspected vulnerability so the F2 security team may validate and reproduce the issue.
While we encourage you to discover and report to us any vulnerabilities you find in a responsible manner, the following conduct is expressly prohibited:
F2’s President and security team review this Responsible Disclosure Policy from a legal and operational perspective on a yearly basis.