Vulnerability Disclosure Policy

Please read this disclosure policy fully before reporting any vulnerabilities. This policy applies only to original, unreported vulnerabilities; not vulnerabilities already discovered internally and/or externally. Volumetric vulnerabilities are not covered by this policy.

Otter Products, LLC welcomes the support of the online research and security practitioner community to improve the security of our websites. Please be aware Otter Products, LLC does NOT authorize any security research, testing or interactions that could be considered an attack on any of our websites or systems.

If you believe you have discovered a vulnerability (in line with the scope above), please submit it via bugs@otterproducts.com.

After receiving your report, we will endeavor to acknowledge it in a reasonable amount of time and will work to fix the fault as soon as possible. Once the problem has been resolved, we will notify you immediately to confirm that the issue is remediated.