Rapid Deploy logos (CAD)_ .png
 

Reliability & Security

 
 
Secure.PNG

Premium Security Guaranteed

  • Highly resilient with best-in-class cyber-security.

  • No more reliance on single point of failure and vulnerable infrastructure. 

  • No more downtime for updates.

  • Government-level security.  

 

 

Constant Vulnerability Monitoring

At RapidDeploy, we continuously manage vulnerability to ensure that our systems are monitored on a real-time basis for vulnerabilities to be patched, managed or addressed with speed and precision through automation. This is one of our “5 Keys to Security Success” that we have implemented to make sure security is at the forefront of RapidDeploy: Configuration Management, Software Development Life-cycle Security, Continuous Vulnerability Management, Threat Hunting, and Offensive Analysis.

 

 

Vulnerability Disclosure Procedures

 

Reporting & Disclosure Process

To report any security vulnerabilities, please email security@rapiddeploy.com. We will acknowledge receipt of your vulnerability report on the next business day and add your email to a webform supported by HTTPS, wherein you may disclose the vulnerability, upload documentation, and mark your submission with a Public PGP key.  We will strive to send you regular updates about our progress. If you are curious about the status of your disclosure, please feel free to email us again.

Public Vulnerability Disclosure

Please refrain from requesting compensation for reporting vulnerabilities. If you want, we will publicly acknowledge your responsible disclosure upon a review determination.  We also try to make the confidential issue public after the vulnerability is announced.  We believe that this recognizes security researchers for their important role in keeping users safe and keeping us honest.

Confidentiality Issues

When a vulnerability is suspected or discovered, we create a confidential security issue to track it internally. Security patches are pushed upon their review and testing like all other patches. They will not be made available until the release has been committed. At that time, the vulnerability may be made public at the discretion of RapidDeploy, whose primary charge is ensuring the security and safety of first responders and people in need of emergency services.  We will do our level best to respect the normative 90-day disclosure window.  However, given the life and safety nature of RapidDeploy’s products, please respect that public disclosure is at the discretion of RapidDeploy.