Effective date: May 1, 2019.
This page informs you of our policy regarding the continuous security of visitors to our website. By continuing to use our website, you agree to the terms within this policy.
Our website is hosted in the cloud and goes through periodic security assessment and hardening. The security of our web server is the responsibility of our hosting provider and is not controlled by us. We have also taken these additional steps to show we care about the security of anyone browsing our website:
Use strong HTTPS to encrypt all browsing traffic between users' browsers and our websites.
Set Security Headers that block common client-side attacks and unauthorised content sources.
Harden our website's configuration to mitigate unauthorised access, protect confidential data, and keep services available.
Scan for vulnerabilities
Periodically scan for security vulnerabilities and promptly mitigate identified issues.
Use a web firewall
Automatically filter harmful web traffic and apply virtual patching for new malicious content.
Hunt for threats
Engage Bug hunters in a private Bug Bounty program to help us identify areas of weaknesses across our network.
Vulnerability management & security research
We encourage responsible disclosure of vulnerabilities to us. Responsible disclosure for us means:
Women In Security Jamaica may need to disclose personal data in the good faith belief that such action is necessary to:
- Only share the details of vulnerabilities with us. Do not share the details of any vulnerabilities with the public or publish on any platform.
- Do not exploit vulnerabilities for reporting except where a Proof of Concept (PoC) is needed.
- Do not use the vulnerability to access, modify, harm, or otherwise alter any of our public or private data.
Vulnerabilities that are responsibly disclosed based on the above process are welcomed.
Changes to this security policy
We may update our Security Policy from time to time and it will be reflected here.
If necessary, we may notify by email.
If you have privacy concerns, you should review this Security Policy periodically for any changes. Changes to this Security Policy are effective when they are posted on this page.