TeamUp Labs takes security very seriously. We apply industry best practices to protect our customers and to ensure we put security requirements first.
TeamUp Labs appreciates the role that independant security reseachers play in Web Application Security today. We encourage any researchers to disclose any vulnerabilities to TeamUp Labs, so we can verify the issue and respond to it.
TeamUp Labs does not offer compensation (aka Bug Bounties) for identifying vulnerabilities.
Incident Management Policy
TeamUp Labs has a set of policies and measures in place to protect customer data, in order to offer a reliable and secure sevrice. However, we’re aware that despite these measures, security incidents can still occur. In the event that a security incident does occur, TeamUp Labs will follow the process described below.
Establish whether a potential incident is genuine
Analyse information to verify whether the incident is plausible
Determine whether the incident is still ongoing
Determine scope of the incident and impact to TeamUp Labs and our customers
Categorize the impact of the incident (we use the same scale that Atlassian uses of 0-3)
Based on the incident’s impact, determine steps required to contain and eradicate the incident
Enter the Recovery phase whilst monitoring to ensure the incident is contained
If a customer if affected by a confirmed incident or breach, we will notify them without undue delay.
Post Mortem so that we can learn from the incident
Perform root cause analysis to identify actions to address
Provide an updated Incident Report establishing root cause and recovery actions to affected customers