Author Topic: GeoTab Bug Bounty  (Read 4494 times)

Angelina

  • Moderator
  • Experienced Member
  • *****
  • Posts: 357
    • View Profile
GeoTab Bug Bounty
« on: September 20, 2023, 06:53:24 pm »
submit bug report: https://www.geotab.com/security/

Geotab’s security policy
Geotab takes a rigorous approach to information security following the principle of continuous improvement. To protect ourselves, our customers and partners, Geotab is constantly reviewing, improving and validating our security mechanisms and processes to ensure our systems remain resilient to intrusion and disaster. Geotab also collaborates with leading stakeholders to advance security across the industry. As we grow, more industries, fleets and customers will benefit from Geotab’s uncompromising stance on information security.

Compliance
Geotab demonstrates our commitment to information security and data protection through validation of our system and processes. Compliance certifications and authorizations:

•ISO/IEC 27001:2013 Information Security Management System

•FedRAMP Authorized for Geotab cloud-based telematics platform

•FIPS 140-2 validation for the Geotab GO device cryptographic library

•Cyber Essentials Certificate

Cybersecurity
Cybersecurity is an essential part of your business, now more than ever. Learn data security best practices for executives. Get information on cybersecurity notifications and standards to help mitigate cyber risk.


Customer data privacy
Geotab provides its customers with an industry-leading, open platform fleet management solution for collecting and analyzing vehicle and fleet data. With Geotab, customers have power and control over their own data. Although the Geotab platform does not require personal data, nevertheless, some customers may choose to include personal data (also called personally identifiable information or PII), such as driver-specific data, to help achieve additional business goals.

Maintaining the privacy of customers’ data is an important priority of Geotab’s data management activities. As a data processor, Geotab implements and maintains technical and organizational measures designed to keep customer data secure and private. Individual customer data is processed according to the customer’s instructions and chosen settings that enable the proper functioning of the solution and its ongoing improvement. Geotab has carefully controlled and audited access to personal data in a customers’ database in the event that the customer needs support on their data for safety or troubleshooting.

Vulnerability responsible disclosure
Geotab takes security and transparency very seriously and we appreciate the ongoing efforts of Individuals or entities who study security and/or security vulnerabilities. To better serve security researchers, Geotab has developed a program to make it easier to report vulnerabilities and to recognize those researchers for their effort to make the Internet a safer place. This policy provides Geotab’s guidelines for reporting vulnerabilities to Geotab.

If you believe you have found a security vulnerability that could impact Geotab or our customers, we encourage you to let us know right away. We will investigate all legitimate reports and do what is required to fix the problem as soon as possible. We ask that all researchers follow our Vulnerability Disclosure Policy and make a good faith effort to avoid privacy violations, destruction of data and interruption of services during your research.