Security Policy
TeamUp Labs takes security very seriously. We apply industry best practices to protect our customers and to ensure we put security requirements first.
Vulnerability Reporting
TeamUp Labs appreciates the role that independant security reseachers play in Web Application Security today. We encourage any researchers to disclose any vulnerabilities to TeamUp Labs, so we can verify the issue and respond to it.
You can report any vulnerabilities to us at support@teamuplabs.freshdesk.com
TeamUp Labs does not offer compensation (aka Bug Bounties) for identifying vulnerabilities.
Incident Management Policy
TeamUp Labs has a set of policies and measures in place to protect customer data, in order to offer a reliable and secure sevrice. However, we’re aware that despite these measures, security incidents can still occur. In the event that a security incident does occur, TeamUp Labs will follow the process described below.
- Establish whether a potential incident is genuine
- Analyse information to verify whether the incident is plausible
- Determine whether the incident is still ongoing
- Determine scope of the incident and impact to TeamUp Labs and our customers
- Categorize the impact of the incident (we use the same scale that Atlassian uses of 0-3)
- Recovery
- Based on the incident’s impact, determine steps required to contain and eradicate the incident
- Enter the Recovery phase whilst monitoring to ensure the incident is contained
- Notification
- If a customer if affected by a confirmed incident or breach, we will notify them without undue delay.
- Post Mortem so that we can learn from the incident
- Perform root cause analysis to identify actions to address
- Provide an updated Incident Report establishing root cause and recovery actions to affected customers