Skip to content
SCHEDULE DEMO

Responsible Vulnerability Disclosure

DTS is committed to protecting our customers, our systems, and the data entrusted to us. If you believe you have discovered a security vulnerability in a DTS product, service, or system, we encourage you to report it so we can investigate and address it responsibly.

How to Report a Vulnerability

Please report suspected security vulnerabilities by email:

help@dtsconnex.com

What to Include

When submitting a report, please include:

  • A clear description of the issue and the affected product or service

  • Steps to reproduce the issue (proof-of-concept details are helpful)

  • Any relevant logs, screenshots, or timestamps, if available

  • Whether the issue is publicly known or actively being exploited, if known

  • Contact information so we can follow up with questions

If you would like to encrypt your report, please contact us and we will coordinate a secure method for exchanging sensitive details.

 

Scope

In Scope

  • DTS-owned applications, services, and systems used to deliver DTS products

Out of Scope

  • Third-party services not controlled by DTS

  • Social engineering of DTS personnel

  • Physical security testing

  • Denial-of-service (DoS) testing

  • Issues requiring unlikely user interaction or non-standard configurations

 

Guidelines for Responsible Testing

We ask that researchers:

  • Make a good-faith effort to avoid privacy violations, data destruction, or service disruption

  • Do not access, modify, or exfiltrate data beyond what is necessary to demonstrate the vulnerability

  • Do not use vulnerabilities to compromise systems or accounts

  • Stop testing and report promptly if sensitive data is encountered

 

Our Commitment

DTS commits to the following:

  • We will acknowledge receipt of vulnerability reports and may request additional information

  • We will investigate reports and take appropriate remediation actions based on risk and impact

  • We will treat reports confidentially to the extent possible and consistent with our obligations

  • We will not pursue legal action against individuals who report vulnerabilities in good faith and in accordance with this policy

 

Disclosure

We ask that you provide DTS a reasonable opportunity to investigate and remediate vulnerabilities prior to public disclosure. If you intend to publish details of a vulnerability, please coordinate with us in advance.