Responsible Disclosure Program
LTIMindtree takes the security of its systems very seriously. If you have discovered or believe you have identified potential security vulnerabilities in any of our applications, we encourage you to disclose your discovery to us as quickly as possible in accordance with this Responsible Disclosure Program.
Responsible Disclosure Reporting Process
Timely identification of security vulnerabilities is critical to mitigating potential risks. If you identify a security vulnerability in any LTIMindtree system, please report it immediately. Security researchers, industry groups, vendors, and other users should email vulnerability reports directly to the LTIMindtree Security team.
Responsible Disclosure Reporting Instructions
Your report must include the following information:
- Contact email address
- Vulnerability description
- Vulnerability locations
- Validation steps
- Recommended fix
- Assumed impact
Responsible Disclosure Guidelines
- LTIMindtree does not provide compensation in exchange for information on security vulnerabilities under this Responsible Disclosure Program.
- LTIMindtree may choose not to pursue, contact, or otherwise interact with reporters who decline to identify themselves when making the report.
- LTIMindtree will deal with reporting parties who comply with these Responsible Disclosure Guidelines in good faith.
- LTIMindtree may disregard submissions by parties who submit a high volume of low-quality reports.
Responsible Disclosure Acknowledgment
LTIMindtree Security team shall provide an email acknowledgement for qualified vulnerabilities.
Disclaimer
All aspects of LTIMindtree’s Responsible Disclosure program are subject to change without notice and on a case-by-case basis. Response is not guaranteed for any specific issue or class of issues. Your use of the information in this document or materials linked herein is at your own risk. LTIMindtree reserves the right to change or update this document at its sole discretion and without notice at any time.