Talk to an expert

INFORSYS LLC Security & Vulnerability Disclosure Policy

Security at INFORSYS LLC

INFORSYS LLC is committed to protecting the confidentiality, integrity, and availability of our systems, services, and customer information.

We welcome responsible security research and encourage the reporting of potential security vulnerabilities.

Reporting a Security Vulnerability

If you believe you have discovered a security vulnerability affecting INFORSYS LLC systems, websites, applications, or cloud services, please report it to:

Security Contact: security@inforsysllc.com

If a dedicated security mailbox is not yet established, use:

Alternative Contact: info@inforsysllc.com

Please include:

  • Description of the vulnerability
  • Steps to reproduce the issue
  • Affected URL, system, or service
  • Screenshots or proof-of-concept (if available)
  • Your contact information

Our Commitment

INFORSYS LLC will:

  • Acknowledge receipt of vulnerability reports within five (5) business days.
  • Review and validate reported issues.
  • Investigate confirmed vulnerabilities.
  • Remediate validated security issues based on risk and business impact.
  • Maintain confidentiality regarding reported vulnerabilities whenever possible.

Responsible Disclosure Guidelines

Researchers agree to:

  • Avoid accessing, modifying, or deleting data.
  • Avoid service disruption or denial-of-service activities.
  • Avoid social engineering, phishing, or physical attacks.
  • Avoid accessing information beyond what is necessary to demonstrate the vulnerability.
  • Provide reasonable time for remediation before public disclosure.

Out of Scope

The following activities are not authorized:

  • Denial-of-Service (DoS/DDoS) testing
  • Social engineering
  • Physical security testing
  • Spam or phishing campaigns
  • Accessing customer data
  • Destructive testing

Safe Harbor

INFORSYS LLC will not pursue legal action against individuals who:

  • Act in good faith
  • Follow this policy
  • Avoid privacy violations and service disruption
  • Promptly report discovered vulnerabilities

Program Status

INFORSYS LLC currently operates a Vulnerability Disclosure Program (VDP). At this time, INFORSYS LLC does not offer monetary rewards for vulnerability submissions.

Last Updated: June 2026