At the Talya Bilişim we greatly value the support of IT security researchers and members of cybersecurity communities in helping us to maintain our high IT security standards.
If you identify an IT security vulnerability relating to any of our websites please notify us promptly before disclosing the vulnerability to the outside world, so that we can take the necessary measures. This is known as responsible disclosure.
Please keep all information relating to the discovered vulnerability secret from all third parties for a period of at least 90 days, allowing us to identify and implement the measures needed to address the issue you have reported.
The current scope for reporting includes the following websites:
the Elektraweb main website : www.elektraweb.com
the Elektraweb PMS website : app.elektraweb.com
How do you notify us?
If you have identified a security vulnerability, please proceed as follows:
Send us your notification as soon as possible via email to [email protected]
Please include the following information in your report:
Please act responsibly in dealing with your discovery of the identified security vulnerability. Do not take any actions that go beyond what is needed to identify and verify the issue. Please do not use the identified security vulnerability to your own advantage and avoid storing any confidential data obtained as a result of the issue.
Examples of vulnerabilities we will consider
Examples of vulnerabilities we will not consider
We continuously monitor our internet-exposed assets to identify security issues and misconfigurations, and we therefore kindly ask that you avoid reporting the following items if they don’t lead to actual exploitation:
How will we respond?
If you report a security vulnerability relating to any of our websites specified above, we will process your report as follows.
We are currently not running a reward programme for reporting vulnerabilities.
You can refer to the privacy statement for more information on how we handle your personal data within the Responsible Disclosure Programme.