Back to contents

Software and service security flaw and vulnerability reporting

Reporting issues

Security is critical to our and our customers’ businesses. Privacy and security regulations across the globe have placed a clear emphasis on data confidentiality, integrity and availability as three critical factors in protecting data and the security of networks and systems. These therefore form the core part of our software and services, and their respective development roadmaps and lifecycles.

Report a flaw, vulnerability or other issue
Happy Worker 456X299

Flaw and vulnerability management

We recognise that flaw and vulnerability management has become an increasingly important factor and this page sets out a high level overview of the process that we follow here at Egress.


Our software and services undergo a robust programme of design, development and testing prior to deployment.  This process is set out in our internal Secure Development Lifecycle document which we follow to ensure that any actual, or suspected flaw, vulnerability or security issue is addressed during this pre-launch phase. 


Once deployed, our  software and services are kept under review through regular maintenance and upgrades.  On the rare occasion where a flaw or vulnerability is discovered which either directly or indirectly affects the security, stability or functionality of any of them, immediate action is taken to investigate and evaluate the issue, mitigate its effects and identify appropriate solutions to resolve it.  Resolutions may include application of third-party vendor patches or other upgrades.

On-going maintenance

We carry out regular maintenance of third-party software and services used to deliver our services to ensure that security alerts and vendor updates are applied where appropriate to ensure that they remain up-to-date.

Notifying our supported customers

If we release a new version of our software to fix any identified flaw, vulnerability or security issue, we will advertise this to supported customers (including identifying the severity of the issue that has been resolved).

How to report a security flaw or vulnerability

If you suspect that our software or services may have a flaw, vulnerability, or other issue which may impact on its security you should contact us as soon as possible.

We welcome any reports from independent researchers, security consultants, industry organisations or bodies, or other individuals or organisations with an interest in software and SaaS security.

We commit to handling any externally reported flaw, vulnerability or other security issue appropriately. Indeed, we take any such reports very seriously and our relevant teams will focus on them as a matter of urgency.

We will take direct action to mitigate any flaw, vulnerability or observation as a high-priority to ensure the security and integrity of our software and services.

Report issue
Support Hands Laptop 555X370 27Kb

Report a flaw, vulnerability or other issue