N‑able is committing to constantly strengthening its security. Our Security Team continually works to protect our products, services, and data, and input from talented security researchers can help us improve.
We want researchers to share knowledge with us without fear of legal consequences based on good faith attempts to assist us, and we welcome the efforts of researchers that are helpful to the overall security of the Internet and aren’t illegal, unethical, or malicious. You are responsible for complying with any and all relevant laws, terms and conditions, restrictions, and regulations. We cannot bind any third party, and the protections herein do not extend to any third party. If in doubt, contact us at [email protected] before engaging in any specific action you think might go outside the bounds of these terms.
Your research activities are subject to any and all terms and conditions at www.n-able.com, and if your security research violates any of those restrictions, these terms permit a limited exemption for the sole purpose of legitimate security research. We consider security research and vulnerability disclosure activities as “authorized” conduct under the Computer Fraud and Abuse Act, the Digital Millennium Copyright Act (DMCA), and other applicable computer use laws. N‑able will not bring any legal action against anyone who makes a good faith effort to comply with these terms, or for any accidental or good faith violation of these terms, including any claim under the DCMA for circumventing technological measures to protect the services and applications eligible under this policy.
N‑able limits the information it shares with third parties. If we need to share non-identifying substantive information from your vulnerability research to a third party, and we are not compelled by a court order or other official directive to do so, we will only share after receiving your permission and receiving a commitment from the third party that they will not pursue legal action against you. We cannot authorize any activity on third-party products or services or guarantee that a third party won’t pursue legal action against you, and we have no responsibility for your liability related to third parties.
To report a potential vulnerability click here.
