Snow Responsible Disclosure Policy

Keeping our customers safe is our primary concern. Snow has a Secure Development Lifecycle to integrate security into its products from design, through development and release. However, sometimes vulnerabilities escape detection, or exploits are released after the product is already on the market.

We investigate all vulnerability reports and will implement the best course of action to protect our customers. If you are a security researcher and have discovered a security vulnerability in our products, we would appreciate your help in disclosing it to us in a responsible manner.

If you identify a verified vulnerability in compliance with our Responsible Disclosure Policy, we commit to:

Please contact us via security@snowsoftware.com.

Snow CIO and General Counsel reviews our Vulnerability Disclosure policy from a legal and operational perspective on a yearly basis.