We Value Your Concerns
We value your privacy and aim to keep your information private and secure. We appreciate all security concerns brought forth and are striving to keep on top of the latest threats. Being pro-active rather than re-active to emerging security issues is a fundamental belief at Cision. Every day new security issues and attack vectors are created. We strive to keep abreast of the latest state-of-the-art security developments. If you have discovered a potential security issue with our product, we kindly ask you to let us know as soon as possible.
How To Report Security Issues
When reporting potential issues, please try to be as thorough as possible, providing us enough information so that we can recreate your findings. Make sure you include a code sample and screencast that clearly demonstrates the exploit you have found. If you are using automated tools to find vulnerabilities, please be aware that these tools often report false positives. Most times, it is insufficient to find the vulnerability and provide basic information on the vulnerability. You should explain how the vulnerability can be used to impact user data or our systems. As an example, if you find a clickjacking vulnerability, please clearly show us what end-user sensitive action the end-user can be tricked into performing.
Where to report Security Issues
Please summarize your findings in an email to InfoSec@cision.com. If possible, please encrypt the email by using our PGP Public Key mentioned below.
What Happens Afterwards?
Once you have submitted a security concern, we commit to the following:
- We will immediately take steps to identify if the concern is a legitimate issue and determine its severity.
- We will contact you about our investigation and progress.
Cision Bug Bounty Program
We encourage responsible disclosure of security bugs. While we do not offer monetary compensation, eligible reports will be publicly acknowledged on our Security Researchers Thank You page.
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQENBGL6YAUBCACzY+0gg+/WiUocip4uqY0w/VWuQExpJEabRFqugpHQPNmrJIrc
yl8R9VAry5YX20lbLivtOneg3+q+T1OUCNNM6BBdxvzOmardizUNsrRzw84LEfpC
vmmJAiaw/uumXFQrVcN7SAHwlGvLlG4HoUQyicI1JLaSmEq90vdcNJiTkbwDWbTl
44Sk1HdLg7hpm/j8yWEk7wqkHnhHKkkCgTcFK6ARSN0YHXcuhUUc3w8CMhdpOCi5
s46VMRhulDgUAIvG3TU6RB10PNEsAiEG6ucwqZ5drg6uFgBspPEVzcWy6sxhKasC
u3L/dKJ+zZk6lEMC9cmUWFUUuvt5fjOUfg3HABEBAAG0I0Npc2lvbiBJbmZvc2Vj
IDxJbmZvU2VjQGNpc2lvbi5jb20+iQFOBBMBCgA4FiEEyEt6tvyru89HeRQ2jEXX
xrh7DfAFAmL6YAUCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQjEXXxrh7
DfDITgf/Tn1HWzvYWGWqghvB3+OG3gGX400gZ+44l1dVHmPhmbNnDK3xlz6/c3w/
PjXHkrx8eDCNtSnq8yFaLyF3DqPqf4FBs+0peZVBcY4tiarP7aoYplWMJkB8FmPI
EO3TDPJWsfGQAKwXbzWIdds1RhhP4AtHomuaOzZ9sOH9R26zCnpKaeVhOvIea+S3
YFte1UTv9Jl0ZWGD14T4ol1grPuzarTob0XiCU6mP/ZMPGh5qzrAyxazUvKi+R0w
lfVDZBMfRE+yZN4FJGOMVEjzZqfnosktesNpPCICAoSTUZpERNEkVv+LECU7mS2I
bbRIZ01COS08nryFf50HRX7yELKZtrkBDQRi+mAFAQgA5QARI2szXaM8y5XFjMLM
7SrDhoxlmE10qhoEFA8LRmGRZbwdw7v/ixJ6Gw43+SjRnRNrcHGjkqeBYZeGkMoK
OWjPNJseaYHiHoUWrDT8UBbM1tYLauFSL1BHK09V+e42uNmHxjPv3Nj/tNXudmlR
6LQlBVvZXr8VN99mVr7oDJ1SigxxPLkx4qLPK0OnsvibBBTvC1AuKb3F3RB96u+M
STm5U9AoOj4im2Jy69u6f8nQ0HNG29fCk3wNeCpHRcDc5/OqrroZyHHxFxPvN/AH
40S0h7H3xzL0dQibxiR8UgC7N9JzR0eolbLEOfkSlSYOj9nA9KHK5CNjW72wZjBg
mQARAQABiQE2BBgBCgAgFiEEyEt6tvyru89HeRQ2jEXXxrh7DfAFAmL6YAUCGwwA
CgkQjEXXxrh7DfDyRQgAgkjMP3/2bEl61BgJy+NUK906cmtuFWb7ftwzZA7lont+
Rkb/t8YKDraXLk0tZaYA4N0nKcILzg2BUrgaLcXL5R2pyWa0rdNa+rdGCURLJpvV
/phm3T1IM63a0IGQ9YWxS6+LNWOKMJBNEeOA7sF3od3WHAv0Z4e5nbr5AtokMBvL
YAHENVUmre9FaNciBLLtUmLNeoc6UYJggHoln5/r1EmzBqzsuv8pfxDnrxRg+xA1
3ZE9DDc2E3np9d8dcXSjRmrWHmfyOPXOGb/m7uPXsSRIzWcOMA7r7zDozBypih+W
C5LBWnN/IUPTt4tR/E5c1BBdjtyIMUKUeaNTDCfKBg==
=Tsd5
-----END PGP PUBLIC KEY BLOCK-----