This page includes information about Centile’s ISTRA products security, and how security researchers and experts can contact Centile to report or ask about a security issue.
You can count on the fact that Centile’s team works hard behind the scenes to keep its products safe, secure, and private. This is our responsibility to you, our customers, and we take it seriously.
We know the usage of our products is extremely important to you and your business, and we’re very attentive to it — after all, we are using our own products, too. We are also GDPR compliant, and this is our commitment to protect personal data.
We share with you, our customers, detailled information about the security of our products, as well as our GDPR compliance, into your dedicated extranet account: your Account Manager or your Support team will be happy to provide guidance if necessary.
If you’re not a customer yet, please reach our sales channel first.
To report security or privacy issues affecting Centile products or web servers, contact us first before proceeding with any action on our website to obtain our agreement.
Centile welcomes reports from security researchers and experts on possible security vulnerabilities with our ISTRA products or web servers. We are particularly interested in vulnerabilities that may impact our customers ‘business, the confidentiality or the integrity of their subscribers’ information.
If you think you may discover a potential vulnerability and finally find one, send our security team a report containing information and detailed instructions on how to reproduce the problem.
For the protection of our customers, Centile does not disclose, discuss or confirm security issues until an investigation has taken place and patches or versions are available.
Centile credits researchers who have reported confirmed security issues on its website (see below).
Note: If you are researching security issues, please test the accounts we have given you in white, gray and black boxes.
For any questions relating to the law and the accounts concerning the Pentests, please contact us at the following address:
productsecurity at our domain name (centile.com)
Centiles wishes to thank and recognize the works brought by the security experts who communicate us the result of their efforts: thanks to their involvement and the countermeasures developed by us, we continue to enhance the security of our products and services.
• Marwan Ali Albahar (@marwanali2012, https://linkedin.com/in/marwanal)
Umm Alqura University
• Pranav Bhandari (https://www.linkedin.com/in/
Independent Security Researcher