Download your free copy of our latest research report, Digitising Private Markets >>>

Book a Demo
{"products":[{"name":"Technology","url":"https:\/\/www.deliogroup.com\/products\/technology\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-connect-1.png","description":"Your integrated, digital private market proposition"},{"name":"Expertise","url":"https:\/\/www.deliogroup.com\/products\/expertise\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-expertise-1.png","description":"Develop, scale and enhance how you offer private investments"},{"name":"Connectivity","url":"https:\/\/www.deliogroup.com\/products\/connectivity\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-portfolio-1.png","description":"Institution to institution, deal by deal connectivity"},{"name":"Structuring","url":"https:\/\/www.deliogroup.com\/products\/structuring\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/10\/v0.1-structuring-solutions-icon.png","description":"Elegant and compliant deal structuring solutions"}],"solutions":[{"name":"Scale distribution","url":"https:\/\/www.deliogroup.com\/solutions\/scale-your-private-market-proposition-to-drive-revenue\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_growth.png","description":"Grow your private market proposition to drive revenue"},{"name":"Operational efficiency","url":"https:\/\/www.deliogroup.com\/solutions\/streamline-workflows-to-improve-operational-efficiency\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_efficiency.png","description":"Streamline workflows and outsource deal structuring to drive efficiency"},{"name":"Client engagement","url":"https:\/\/www.deliogroup.com\/solutions\/strengthen-client-relationships-and-improve-distribution\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_engagement.png","description":"Strengthen relationships, gain insight and add value"},{"name":"Robust governance","url":"https:\/\/www.deliogroup.com\/solutions\/embed-robust-governance-processes-around-deal-distribution\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_governance.png","description":"Embed robust governance around deal distribution"},{"name":"Investor reporting","url":"https:\/\/www.deliogroup.com\/solutions\/portfolio-reporting-for-effective-investor-relations\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_reporting.png","description":"Portfolio reporting for effective investor relations"},{"name":"Instant market partnerships","url":"https:\/\/www.deliogroup.com\/solutions\/share-and-receive-deals-on-an-institutional-basis\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-network.png","description":"A private markets solution available \u2018out of the box\u2019"}],"company":[{"name":"About Us","url":"https:\/\/www.deliogroup.com\/company\/about-us\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-about-us-1.png","description":"Introducing Delio's people and culture"},{"name":"Careers","url":"https:\/\/www.deliogroup.com\/careers\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-careers-1.png","description":"What it's like to work at Delio"}]}

Overview

At Delio, we consider the security of our systems a top priority. However, no technology is perfect and Delio believes that working with skilled security researchers across the globe is very important in identifying weaknesses in any technology. If you believe you’ve found a security issue in our product or service, we appreciate your help in disclosing it to us in a responsible manner. We welcome working with you to resolve the issue promptly.

Delio will engage with security researchers when vulnerabilities are reported to us as described here. We will validate, respond, and fix vulnerabilities in support of our commitment to security and privacy. We won’t take legal action against, suspend, or terminate access to the Service of those who discover and report security vulnerabilities responsibly. Delio reserves all of its legal rights in the event of any non-compliance.

As thanks for your help, we offer a reward for every report of a security problem that is not known to us. We determine the value of the reward on the basis of the seriousness of the breach and the quality of the report.

Reporting

Share the details of any suspected vulnerabilities with the Delio Security Team by filing a report. Please do not publicly disclose these details outside of this process without explicit permission. In reporting any suspected vulnerabilities, please include the following information:

  • Vulnerable URL – the endpoint where the vulnerability occurs;
  • Vulnerable Parameter – if applicable, the parameter where the vulnerability occurs;
  • Vulnerability Type – the type of the vulnerability;
  • Steps to Reproduce – step-by-step information on how to reproduce the issue;
  • Screenshots or Video – a demonstration of the attack; and
  • Attack Scenario – an example attack scenario may help demonstrate the risk and get your issue resolved faster.

Reports that carry an acceptable risk but demonstrate a valid security-related behavior will be closed as informative. Submissions that don’t present a security risk, are false positives, or are out of scope will be closed as N/A.

Identical reports will be marked as “Duplicate[s]” of the original submission; the original report can be marked as (but not limited) to “Triaged”, “N/A”, or “Informative.”

While we currently do not have a formal vulnerability reporting system in place at this time, please reach out to security@deliogroup.com to report any critical issues you may discover. Please encrypt any sensitive data with our PGP key.

Disclosure policy

  • Let us know as soon as possible upon discovery of a potential security issue, and we’ll make every effort to quickly resolve the issue.
  • Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.
  • Submissions may be closed if a researcher is non-responsive to requests for information after 14 days.

Exclusions

In no event are you permitted to access, download or modify data residing in any other Account, or one that is not registered to you. While researching, we’d like to ask you to refrain from:

  • Executing or attempting to execute any “Denial of Service” attack.
  • Actions which affect the integrity or availability of program targets are prohibited and strictly enforced. If you notice performance degradation on the target systems, you must immediately suspend all use of automated tools.
  • Social engineering (including phishing) of Delio staff or contractors
  • Any physical attempts against Delio property or data centers
  • Knowingly posting, transmitting, uploading, linking to, sending or storing any Malicious Software.
  • Testing in a manner that would result in the sending of unsolicited or unauthorized junk mail, spam, pyramid schemes or other forms of duplicative or unsolicited messages.
  • Testing or otherwise accessing or using the Service from any jurisdiction that is a Prohibited Jurisdiction.
  • Testing third party applications or websites or services that integrate with or link to the Service.

Our commitment

We ask that you do not share or publicise an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, the Delio security team and associated development organizations will use reasonable efforts to:

  • Acknowledge receipt of your vulnerability report in a timely manner
  • Provide an estimated time frame for addressing the vulnerability report
  • Notify you when the vulnerability is fixed

As a token of our gratitude for your assistance, we offer a reward for every report of a security problem that was not yet known to us. The amount of the reward will be determined based on the severity of the leak and the quality of the report.