APPLICATION SECURITY

Public Disclosure Program

This page outlines how we manage and share information publicly in compliance with regulatory requirements.

REPORT A VULNERABILITY

ProjectTeam is committed to ensuring the security of the ProjectTeam.com for Government (PTG) system from unwarranted disclosures. Security researchers interested in reporting PTG system application security vulnerabilities can notify us at security@projectteam.com.

The following information must be provided to receive a response:

Details of the vulnerability, including the type of vulnerability
Information needed to reproduce and validate the vulnerability, including any Proof-of-Concept code used for exploit
Perceived impact(s) of issue, including how an attacker could exploit the issue
Any additional contact information we may need
Any other pertinent details

You should receive a confirmation of receipt within 72 hours.

ProjectTeam is committed to the timely correction of vulnerabilities. Accordingly, we require that you refrain from sharing information about discovered vulnerabilities for 90 calendar days after you have received our acknowledgment of receipt of your report. If you believe others should be informed of the vulnerability prior to our implementation of corrective actions, we require that you coordinate in advance with us.

We may share vulnerability reports with the Cybersecurity and Infrastructure Security Agency (CISA), as well as any affected vendors.

Features with benefits

Document control

Cost control

Customizations

Reports & dashboards

Files & photos

Platform & integrations

Solutions for your business

Owners

General Contractors

Subcontractors

Public Sector

FedRAMP Solution

Resource center

About us

Blog

Webinars

Case studies

Help center

Professional services

Public Disclosure Program

How to report security vulnerabilities to ProjectTeam