Important: Have you used a Google Dork or Bug Bounty list to find this page?
If you have used a 'dork' list to find this page it's important that you realise that any action you take against Highways without our authorisation will be prosecuted to the highest extent permissible by both regional and international law. This program exists for responsible disclosure of issues, not an authorisation to hack or otherwise target our systems.
In short, if you target that our systems without our expressed permission, we will immediately begin legal proceedings against you.
Highways are proud to offer incredible and secure software. But we know that even the best software can have bugs.
If you have found a security issue with a Highways system, we ask you not to publicly disclose the issue until you have spoken to us. We believe, wholeheartedly, in welcoming those that highlight security issues so that we can resolve them promptly as a team. We likewise believe in issuing credit to those that take the time to responsibly disclose an issue to us.
Important - Please Read
- We do not permit any action against our production systems. If you want to test a theory or our systems, we will provide you with a replicate staging environment to test against.
- Bugs or issues must cause moderate to severe business impact to be considered. Typo's on our website, for example, are welcomed but don't fall under bug criteria.
- You MUST ask us for permission first. If you spot something or think we have an issue, contact us before testing your theory. We assume all attempts without permission are malicious and we will react accordingly.
- Concentrated, sustained or automated attacks against our systems are prohibited. Any attempt to extract customer data is prohibited. If you think we have an issue, tell us first and we will give you permission to check it exists. Otherwise, don't attempt to hack or otherwise take control of our systems.
In summary, if you spot something, tell us first and we will discuss it with you. This policy is not a get out of jail for a free card if you hack our systems without telling us.
Please forward any security issues, bug reports or errors to firstname.lastname@example.org or chat to us below.