Overview
At Quick Heal, our mission is to keep our users systems and devices secured and protected against all types of cyber threats with products that run the latest and cutting-edge technology. Our engineering team institutes multiple fail-safe practices and processes, and the products undergo rigorous tests before they are released to the market. Having said that, there might occur certain rare situations where unintended security flaws are reported in our products and services. With the help of this section, we intend to provide a forum where potential vulnerabilities can be reported and we can work closely with you to mitigate the associated risks.
What is a security vulnerability?
A security vulnerability (also known as a security hole) is a security flaw detected in a product that may leave it open to attacks by hackers and malware. A remedy for such a vulnerability is known as a patch, applying which leaves fewer options for hackers to exploit the affected system.
Report a security vulnerability
If you are a security researcher and have discovered a security vulnerability in a Quick Heal product, please send us an email at secure(@)quickheal.com describing the below-listed information. Please note that, the more information you provide the better our team will be able to analyze the vulnerability and device a solution for it.
- Description and type (Buffer Overflow, XSS, Access Control, etc.) of the issue
- Severity and impact of the issue
- Product and version
- Instructions and procedure to reproduce the issue including any additional information such as:
- Operating System details including service packs, security updates, or other updates for the product you have installed wherever relevant
- Any special configurations required to reproduce the issue
- Proof-of-concept or exploit code
In response to your vulnerability report received on secure(@)quickheal.com, you should receive a reply from us within 5 business days.
We appreciate the time and effort invested by you in our mission to make our products and services free of security flaws and the risks associated with them. And besides expressing our gratitude, we would like to acknowledge your contribution with a reward post validation/confirmation of the reported vulnerability.
Read more about our Vulnerability Disclosure Policy and Vulnerability Rewards Program from the links given below: