Responsible Disclosures

Updated August 7, 2024

NetPark Software LLC (“Company”) is providing this service to help ensure a safe and secure environment for all users.

If external parties find any sensitive information, potential vulnerabilities, or weaknesses, please help by responsibly disclosing it to ResponsibleDisclosure@fullsteam.com.

This policy applies to netPark hosted applications and to any other subdomains or services associated with products. netPark does not accept reports for vulnerabilities which solely affect marketing websites (https://www.netpark.us/), containing no sensitive data.

Security researchers must not:

  • engage in physical testing of facilities or resources,
  • engage in social engineering,
  • send unsolicited electronic mail to netPark users, including “phishing” messages,
  • execute or attempt to execute “Denial of Service” or “Resource Exhaustion” attacks,
  • engage in social engineering,
  • introduce malicious software,
  • execute automated scans or tools that could disrupt services, such as password guessing attacks, or be perceived as an attack by intrusion detection/prevention systems,
  • test in a manner which could degrade the operation of netPark systems; or intentionally impair, disrupt, or disable netPark systems,
  • test third-party applications, websites, or services that integrate with or link to or from netPark systems,
  • delete, alter, share, retain, or destroy netPark data, or render netPark data inaccessible, or,
  • use an exploit to exfiltrate data, establish command line access, establish a persistent presence on netPark systems, or “pivot” to other netPark systems.

Security researchers may:

  • View or store netPark nonpublic data only to the extent necessary to document the presence of a potential vulnerability.

Security researchers must:

  • cease testing and notify us immediately upon discovery of a vulnerability,
  • cease testing and notify us immediately upon discovery of an exposure of nonpublic data, and,
  • purge any stored netPark nonpublic data upon reporting a vulnerability.

Thank you for helping to keep netPark and our users safe!