Reporting a security or privacy vulnerability
Ajax Systems Group (hereinafter also referred to as "we", "our", or "Ajax Systems") would like to inform you that you can report potential security threats, bugs, or other security concerns that may relate to Ajax products and software.
If you discover any security or privacy vulnerability affecting Ajax products or software, please report it to us by email at report.vulnerability@ajax.systems.
Please include the following information in your report:
- Your email address so that we can contact you if we have any questions regarding the reported vulnerability.
- A detailed description of the vulnerability, how it was discovered, and clear instructions for reproducing it.
- Screenshots or other images illustrating the vulnerability.
- Proof-of-concept (PoC) test results.
If you submit a vulnerability report, the Ajax Systems cybersecurity team will contact you within 72 hours of receiving it at the email address you provided. We will inform you of the measures we have taken to address and remediate the reported vulnerability. You will receive regular updates every two weeks until we resolve the issue.
Ajax Systems guarantees the confidentiality of the information provided. All data provided in your report will be used solely to communicate with you and address the vulnerability.
We kindly ask you to follow responsible vulnerability disclosure practices and refrain from any unlawful or unethical actions related to security or privacy vulnerabilities, in particular:
- Do not exploit any vulnerability or issue you discover.
- Do not disclose information about the issue publicly or to third parties until it has been resolved.
- Do not use unlawful methods to discover or exploit the vulnerability, such as physical security attacks, social engineering, distributed denial-of-service (DDoS) attacks, spam, or third-party apps.
Security and privacy are core values for Ajax Systems. We hope that you share these values and will follow the principles described in this policy if you discover vulnerabilities in Ajax products or software.
Edition dated June 19, 2026