SmartDraw Vulnerability Disclosure Policy

We take the security of our systems seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users.

Guidelines

We require that all researchers:

Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing;
Perform research only within the scope set out below;
Use the identified communication channels to report vulnerability information to us; and
Keep information about any vulnerabilities you've discovered confidential between yourself and SmartDraw Software, LLC until we've had 90 days to investigate and respond or resolve the issue.

If you follow these guidelines when reporting an issue to us, we commit to:

Not pursuing or supporting any legal action related to your research;
Working with you to understand and resolve the issue quickly (including an initial confirmation of your report within 72 hours of submission);
Recognizing your contribution on our Security Researcher Hall of Fame, if you are the first to report the issue and we make a code or configuration change based on the issue.

Scope

Out of Scope

Any services hosted by 3rd party providers and services are excluded from scope. These services include:

List of sub-processors used by SmartDraw Software

In the interest of the safety of our users, staff, the Internet at large and you as a security researcher, the following test types are excluded from scope:

Findings from physical testing such as office access (e.g. open doors, tailgating)
Findings derived primarily from social engineering (e.g. phishing, vishing)
Findings from applications or systems not listed in the 'Scope' section
UI and UX bugs and spelling mistakes
Network level Denial of Service (DoS/DDoS) vulnerabilities

Things we do not want to receive:

Personally identifiable information (PII)
Credit card holder data

How to report a security vulnerability?

If you believe you've found a security vulnerability in one of our products or platforms, please send it to us by filling out this form. Please include the following details in your report:

Description of the location and potential impact of the vulnerability;
A detailed description of the steps required to reproduce the vulnerability. Link to screenshots and screen captures if necessary; and
Your name and email for recognition in our Hall of Fame.

Product

What's New?

Solutions By Team

Save Money, Reduce Hassle, and Get More

Learn

Developer Resources

Additional Resources

Enterprise

Solutions For Your Team

SmartDraw Vulnerability Disclosure Policy

Guidelines

Scope

Out of Scope

How to report a security vulnerability?

Product

DiagrammingBuild diagrams of all kinds from flowcharts to floor plans with intuitive tools and templates.

WhiteboardingCollaborate with your team on a seamless workspace no matter where they are.

DataGenerate diagrams from data and add data to shapes to enhance your existing visuals.

Enterprise FriendlyEasy to administer and license your entire organization.

SecuritySee how we keep your data safe.

Apps & IntegrationsConnect to all the tools you use from Microsoft, Google Workspace, Atlassian, and more.

What's New?

Solutions By Team

Product ManagementRoadmap features, brainstorm, and report on development, so your team can ship features that users love.

Software EngineeringDesign and maintain complex systems collaboratively.

Information TechnologyVisualize system architecture, document processes, and communicate internal policies.

SalesClose bigger deals with reproducible processes that lead to successful onboarding and training.

Save Money, Reduce Hassle, and Get More

Learn

Getting StartedLearn to make visuals, familiarize yourself with the UI, choosing templates, managing documents, and more.

TemplatesGet inspired by browsing examples and templates available in SmartDraw.

DiagramsLearn about all the types of diagrams you can create with SmartDraw.

WhiteboardLearn how to combine free-form brainstorming with diagram blueprints all while collaborating with your team.

Data VisualizersLearn how to generate visuals like org charts and class diagrams from data.

SupportSearch through SmartDraw's knowledge base, view frequently asked questions, or contact our support team.

Developer Resources

Development PlatformBrowse built-in data visualizers and see how you can build your own custom visualization.

Open APIThe SmartDraw API allows you to skip the drawing process and generate diagrams from data automatically.

Shape DataAdd data to shapes, import data, export manifests, and create data rules to change dashboards that update.

Additional Resources

Enterprise

Site LicenseSite licenses start as low as $2,995 for your entire organization.

Team LicenseThe SmartDraw Team License puts you in control with powerful administrative features.

SecuritySee how we keep your data safe.

Apps & IntegrationsConnect to all the tools you use.

Solutions For Your Team

SmartDraw Vulnerability Disclosure Policy

Guidelines

Scope

Out of Scope

How to report a security vulnerability?

Diagramming
Build diagrams of all kinds from flowcharts to floor plans with intuitive tools and templates.

Whiteboarding
Collaborate with your team on a seamless workspace no matter where they are.

Data
Generate diagrams from data and add data to shapes to enhance your existing visuals.

Enterprise Friendly
Easy to administer and license your entire organization.

Security
See how we keep your data safe.

Apps & Integrations
Connect to all the tools you use from Microsoft, Google Workspace, Atlassian, and more.

Product Management
Roadmap features, brainstorm, and report on development, so your team can ship features that users love.

Software Engineering
Design and maintain complex systems collaboratively.

Information Technology
Visualize system architecture, document processes, and communicate internal policies.

Sales
Close bigger deals with reproducible processes that lead to successful onboarding and training.

Getting Started
Learn to make visuals, familiarize yourself with the UI, choosing templates, managing documents, and more.

Templates
Get inspired by browsing examples and templates available in SmartDraw.

Diagrams
Learn about all the types of diagrams you can create with SmartDraw.

Whiteboard
Learn how to combine free-form brainstorming with diagram blueprints all while collaborating with your team.

Data Visualizers
Learn how to generate visuals like org charts and class diagrams from data.

Support
Search through SmartDraw's knowledge base, view frequently asked questions, or contact our support team.

Development Platform
Browse built-in data visualizers and see how you can build your own custom visualization.

Open API
The SmartDraw API allows you to skip the drawing process and generate diagrams from data automatically.

Shape Data
Add data to shapes, import data, export manifests, and create data rules to change dashboards that update.

Site License
Site licenses start as low as $2,995 for your entire organization.

Team License
The SmartDraw Team License puts you in control with powerful administrative features.

Security
See how we keep your data safe.

Apps & Integrations
Connect to all the tools you use.