RESPONSIBLE DISCLOSURE

Responsible Disclosure Program

RevOps is committed to the security of our systems and our customer data
We appreciate and encourage security researchers to contact us to report potential vulnerabilities identified in any product, system, or asset directly managed by RevOps. If you believe you have identified a potential security vulnerability, please share it with us by following the submission guidelines below. We agree to review any submissions in a timely manner and appreciate researchers assisting us in our security efforts.

*Please note:Ā RevOps does not operate a public bug bounty program and we cannot offer reward or compensation in exchange for submitting issues at this time.
PROGRAM GUIDELINES
Researchers shall disclose potential vulnerabilities in accordance with the following guidelines:
  • Do not engage in any activity that can potentially or actually cause harm to RevOps, our customers, or our employees.
  • Do not engage in any activity that can potentially or actually stop or degrade RevOps services or assets.
  • Do not engage in any activity that violates (a) federal or state laws or regulations or (b) the laws or regulations of any country where (i) data, assets or systems reside, (ii) data traffic is routed or (iii) the researcher is conducting research activity.
  • Do not store, share, compromise or destroy RevOps or customer data. If Personally Identifiable Information (PII) is encountered, you should immediately halt your activity, purge related data from your system, and immediately contact us.
  • Provide RevOps reasonable time to fix any reported issue, before such information is shared with a third party or disclosed publicly.
Once a report is submitted, RevOps commits to provide prompt acknowledgment of receipt of all reports (within two business days of submission) and will keep you reasonably informed of the status of any validated vulnerability that you report through this program.
OUT OF SCOPE VULNERABILITIES
Certain vulnerabilities are considered out of scope for our Responsible Disclosure Program. Out-of-scope vulnerabilities include:
  • Physical Testing or contact with RevOps customers or employees
  • Social Reverse Engineering. Do not attempt to steal cookies, fake login pages or collect credentials through phishing or social attacks
  • Phishing
  • Denial of Service Attacks
  • Resource Exhaustion Attacks
  • Any attacks that attempt to overwhelm or negatively degrade services for existing customers
Once a report is submitted, RevOps commits to provide prompt acknowledgment of receipt of all reports (within two business days of submission) and will keep you reasonably informed of the status of any validated vulnerability that you report through this program.
SUBMISSION FORMAT
When reporting a potential vulnerability, please include a detailed summary of the vulnerability, including the target, steps, tools, and artifacts used during discovery (screen captures welcome). Submit a copy of your findings and instructions to security@revops.io.

SOC-2 TYPE 2 COMPLIANT

Our SOC-2 Type 2 report certifies that the data handled and managed by RevOps is classified in accordance with the highest standards

WE ARE PCI CERTIFIED

OUR PEERING PROVIDERS ARE SOC-2 & GDPR-COMPLIANT

RevOps is the modern Deal Desk platform with a simple mission: enable businesses to build a scalable Deal Desk operation that helps their sales organizations close more deals faster, unify branding, reduce contract errors, and provide a centralized agreement repository. Founded in 2018, RevOps has enabled businesses from early-stage startups to unicorns to build scalable Deal Desk operations. Letā€™s celebrate every sale! šŸŽ‰
Schedule a Demo
COMPANY
AboutContactCareersSystem Status
Resources
Template GalleryDeveloperSecurityResponsible DisclosureWhistleblower Form
Learn
KnowledgebaseBlogRelease NotesWebinarsGlossary
eSignature
Revenue Operations
Upsell
Co-Term
Configure, Price, Quote (CPQ)
Deal Desk
Privacy Policy Ā | Ā Terms of Use Ā | Ā Cookie Policy Ā | Ā Disclaimer
ā€