Responsible Disclosure

Raben Group offers comprehensive logistics solution for domestic and international distribution, contract logistics, groupage, full-truck, intermodal and sea & air transport and fresh products logistics.

We deem it very important that our systems satisfy the highest safety requirements. However, if despite our best efforts, you discover a weakness in one of our systems or services, please share with us the results of your tests or any identified vulnerabilities. This will allow us to improve our systems.



Permitted testing methods: all techniques with the exclusion of (D)DOS attacks



Submitting your test results:

  • We only accept submissions in Polish or English.
  • To replicate and investigate a vulnerability, we need sufficient information, such as the IP address, the URL, service name and a detailed description of the weakness / vulnerability.
  • Do not take any steps beyond what is necessary to demonstrate the vulnerability and refrain from sharing information about it, until it is fixed.
  • Your contact data will be much appreciated.
  • To keep the information confidential, please encrypt it with the Raben Group's PGP public key, available below.
  • Raben Group will treat your submission as confidential and respect your privacy, unless such information is required by law to be shared with authorities.
  • Raben Group technical expert’s will evaluate your submission, taking into account its possible impact on our security environment and architecture.
  • Your efforts will be compensated depending on the vulnerability's category and priority.



If you satisfy these conditions, we will not take any legal steps in relation to your actions and confirm your PoC submission within 72 hours.

We appreciate your commitment to improving the safety of our services.

 

Please send your submission to:

E-mail: security@raben-group.com

PGP key: to download below.

PGP KEY TO DOWNLOAD

security_0xE2856A4C_public.asc

Download