If you have discovered a vulnerability in a TechSmith product, please review the following TechSmith Vulnerability Disclosure Policy and then use the form below to report it.
Vulnerability Disclosure Philosophy
TechSmith believes effective disclosure of security vulnerabilities requires mutual trust, respect, transparency and common good between TechSmith and Security Researchers. Together, our vigilant expertise promotes the continued security and privacy of TechSmith customers, products, and services.
When you find a vulnerability:
What we'll do:
In Scope Web Entities
In Scope Desktop Products
Out of Scope Web Entities
If you identify a vulnerability on a domain or subdomain owned by TechSmith that is not explicitly mentioned here, you may still report it to us, but it may not be eligible for rewards. If you're unsure whether a particular domain or subdomain is served by TechSmith, please look up the DNS record for it. We frequently redirect techsmith.com subdomains to third-party providers. Please note that several of our services are behind a Web Application Firewall and may appear that way in a DNS lookup. The applications running on these websites are in scope, but testing the Web Application Firewall itself is out of scope.
Please do not test or report the following:
When conducting vulnerability research according to this policy, we consider this research to be:
If at any time you have concerns or are uncertain whether your security research is consistent with this policy, please inquire via firstname.lastname@example.org before going any further.