We at Tricent recognise how important it is to allow users to responsibly disclose privacy and security vulnerabilities. That’s why we are committed to addressing security issues reported by the community, whether that’s from users, enthusiasts or professionals.

Working with you, we strive to deliver the best and most private service to all users, which is extremely important to us and the wider community.

Using this form, you can disclose any concerns or vulnerabilities you have observed that relate to tricent.com or Tricent Compliance Tool.

Alternatively, you may email us at security@tricent.com

Should you need to, please use our PGP public key to encrypt your communication with us.

KeyID: FC1190AF

security@tricent.com
(+45) 70 71 31 31

3 Meldahlsgade
1613 Copenhagen
Denmark

How we deal with reported issues

When we receive your submission, we will take steps to ensure that the issue is dealt with in a timely and professional manner and ask that you will act in good faith, which means:

  • the reporter will keep our communication and information regarding the vulnerability confidential
  • we will verify that the vulnerability is legitimate and launch a serious investigation
  • we will address the vulnerability and release the fix as quickly as possible, doing our best to keep the reporter informed of our progress
  • we make a promise to the reporter, acting in good faith, is given “Safe Harbor” and will not be unduly penalised
  • if release notes or other communications include information of the vulnerability fix, we will include a reference to the reporter, unless the reporter prefers to stay anonymous