diff --git a/source/administration/vulnerability-notification.txt b/source/administration/vulnerability-notification.txt index 840291872e2..fdc2bbb1202 100644 --- a/source/administration/vulnerability-notification.txt +++ b/source/administration/vulnerability-notification.txt @@ -57,7 +57,7 @@ vulnerabilities via email to . You may encrypt email using our `public key `_, to ensure the privacy -of a any sensitive information in your vulnerability report. +of any sensitive information in your vulnerability report. 10gen will respond to any vulnerability notification received via email with a response email that contains a reference number for a Jira ticket @@ -70,19 +70,19 @@ Evaluation to track all communications regarding the vulnerability, which may include requests for clarification and for additional information. If needed 10gen representatives can set up a conference call to exchange -information regaining the vulnerability. +information regarding the vulnerability. Disclosure ~~~~~~~~~~ 10gen requests that you do *not* publicly disclose any information -regarding the vulnerability or exploit until 10gen has had the +regarding the vulnerability or exploit the issue until 10gen has had the opportunity to analyze the vulnerability, respond to the notification, and to notify key users, customers, and partners if needed. The amount of time required to validate a reported vulnerability depends on the complexity and severity of the issue. 10gen takes all -required vulnerabilities very seriously, and will always ensure that +required vulnerabilities very seriously and will always ensure that there is a clear and open channel of communication with the reporter of the vulnerability.