Disclosure
Security and Vulnerability Reporting
We want to keep Pareto Security safe for all users. Publicly disclosing a vulnerability can put the entire Pareto Security community at risk. If you've discovered a vulnerability in the system, we appreciate your help in disclosing it to us in a responsible manner.
Most security issues we receive are fixed and resolved within 24 hours. For more information read our disclousure policy.
Independent Third-Party Audits
We also put the platform through regular third-party audits to check for vulnerabilities in the system.
Vulnerability Reports
All current vulnerability reports and official audits, ordered by date of disclosure.
| Date | Reporter | Vulnerability | Resolution |
|---|---|---|---|
| September 2021 | rokki.ch | Missing /security.txt |
Published a signed security.txt file at paretosecurity.com/security.txt. |
| February 2022 | User | Browser Security Headers for dash.paretosecurity.com are not set | Added appropriate browser headers to get "Grade A" on SecurityHeaders.com. |
Contact Us
If you found a vulnerability in the system, please contact us and provide as much information as possible following our disclousure policy.