Report a vulnerability
Expel is a security company. We mean that in every sense of the word. We provide security operations services using technology built by security-conscious developers and run by security professionals in a secure fashion. That’s a lot of security… *whew*.
Our approach to security
In all seriousness, we’re very concerned with the integrity and assurance of our products and services. We’ve been focused on building a secure platform since day one. From risk assessments and audits to integrated security tests and continuous monitoring, we’re working hard to make sure our technology provides a solid foundation your security operations.
Psst … this includes being transparent about the open source software we use to deliver our service.
Reporting a vulnerability to Expel
If you’d like to report a problem with any of Expel’s services or websites, please contact firstname.lastname@example.org. If you’d like, feel free to use our PGP key that can be found on the public key servers or copied from this link.
Fingerprint: 3411 196E 8B8B 3D19 825F 82A9 1492 85AE C501 7A21
Our approach to vulnerabilities
That doesn’t mean we’re perfect. If you find a bug, defect, vulnerability, or even just something that seems a bit odd with anything Expel does, please let us know. We believe part of our responsibility is positive engagement with the community and facilitating discourse on making our products (and by extension your enterprise and the internet as a whole) more secure.
We recognize that public security research is a critical and ongoing component of the security industry and we welcome discussion with researchers. Our goal when working with researchers is to be transparent in what we are doing, respectful to all parties involved, and timely in our responses. It’s our vulnerability after all; we’re the ones that need to be responsible.