MultiChoice Responsible Disclosure Policy
In terms of our Responsible Disclosure Policy, MultiChoice aims to keep its Service safe for everyone, and data security is of utmost priority.
If you are a security researcher and have discovered a security vulnerability in the Service, we appreciate your help in disclosing it to us in a responsible manner.
MultiChoice will engage with security researchers when vulnerabilities are reported to us in accordance with this Responsible Disclosure Policy (This document).
We will validate, respond and fix vulnerabilities in accordance with our commitment to security and privacy. We won’t take legal action against or suspend or terminate access to the Service of those who discover and report security vulnerabilities in accordance with this Responsible Disclosure Policy (This document).
MultiChoice reserves all of its legal rights in the event of any noncompliance.
Testing:
You may test only against an Account for which you are the Account owner or an Agent authorised by the Account owner to conduct such testing.
In no event are you permitted to access, download or modify data residing in any other Account or that does not belong to you or attempt to do any of the foregoing.
You are also prohibited from:
- executing or attempting to execute any Denial of Service attack;
- knowingly posting, transmitting, uploading, linking to, sending or storing any Malicious Software;
- testing in a manner that would degrade the operation of the Service;
- testing third party applications or websites or services that integrate with or link to the Service.
Reporting:
Share the details of any suspected vulnerabilities with the MultiChoice Self Service Team by completing the Contact Form on our site. Please do not publicly disclose these details without express written consent from MultiChoice.
Our Commitment:
If you identify a verified security vulnerability in compliance with this Responsible Disclosure Policy (This document), MultiChoice commits to:
- Promptly acknowledge receipt of your vulnerability report
- Provide an estimated timetable for resolution of the vulnerability
- Notify you when the vulnerability is fixed