logolicense

Trio's Responsible disclosure policy

Trio is committed to security, We care deeply about the safety and security of our customer’s data. We deeply value all those in the security community who help us ensure 100% security of all our systems at all times. We reward reporters for the responsible disclosure of in-scope issues and exploitation techniques.

How to Report a Vulnerability?

If you happen to have identified a vulnerability on any of our web or mobile app properties, we request you to follow the steps outlined below:

Programme rules

Eligibility

Scope

  1. Any website that is owned by Tri O Tech

Qualifying Vulnerabilities

Any design or implementation issue that is reproducible and substantially affects the security of Trio users is likely to be in scope for the program. Common examples include:

Exclusions

The following bugs are unlikely to be eligible:

Acknowledgements

We do not have a bounty/cash reward program for such disclosures, but we express our gratitude for your contribution in different ways. For genuine ethical disclosures, we would be glad to publicly acknowledge your contribution in this section on our website. Of course, this will be done if you want a public acknowledgement.

Hall of Fame

This is dedicated to recognizing the contributions of our top security researchers who have helped us improve the security of our systems and applications through their bug reports.

We are proud to showcase their names and acknowledge their outstanding efforts in making our service more secure and reliable for our users. We are grateful for the time and expertise that these researchers have invested in testing and reporting vulnerabilities to us. Their contributions have helped us identify and address potential security issues before they can be exploited by malicious actors.