Describe your vulnerability management and notification process.

Vulnerabilities are identified through quarterly vulnerability scans conducted by a third-party. High risk and critical vulnerabilities are addressed immediately, while other vulnerabilities are addressed based on the company’s risk evaluation. The company also has a responsible disclosure program to receive vulnerability reports from external parties.