0

Arrow Right
About us
Arrow Right
Our brands
Arrow Right
Sustainability
Arrow Right
Investor relations
News and media
Careers
Contact us
About us
Our people
Our board
Corporate governance
Arrow Right
Our brands
ALH
BWS
Dan Murphy's
DELIVERY by endeavour
endeavourX
LANGTONS
MixIn
Paragon Wine Estates
Pinnacle Drinks
Arrow Right
Sustainability
Sustainability strategy
Reports
Responsibility and community
People
Planet
Arrow Right
Investor relations
Annual general meetings
Reports
Results and presentations
ASX announcements
Share price and dividends
Shareholder calendar
Shareholder information
Corporate governance
Arrow Right
StrategyCase studiesReportsResponsibility & CommunityPeoplePlanet

Vulnerability disclosure policy

Last price / Today’s change

$0.000

-$0.000 (-0.000%)

Volume

0,000,000

Bid / Offer range

$0.000

–

$0.000

Purpose

The Vulnerability Disclosure Policy provides guidance on how independent security researchers can advise Endeavour Group of any potential or identified security vulnerabilities within Endeavour Group.

If you have any questions regarding its contents, we invite you to contact our Privacy Officer, whose contact details are contained in Section 17 below.

Scope

This Vulnerability Disclosure policy applies to independent security researchers for any internet facing systems or Software as a Service (SaaS) cloud services.

Policy

Endeavour Group holds significant amounts of information about our customers, Team Members, business partners and the communities we serve. We are entrusted with this information and care about protecting it. The security researcher community makes valuable contributions to the security of an organisation and we at Endeavour Group are eager to maintain a good relationship with this community. This relationship will help us to improve our own security.

1. Identifying Potential Security Vulnerabilities

If you believe you have discovered a security weakness (vulnerability), or potential security weakness, within Endeavour Group please report it to [email protected] as quickly as possible. 

We will try to address all identified issues in a timely manner and ask that you allow us a reasonable timeframe to review and address the issue before it is publicly disclosed. Details of any potential security vulnerabilities must not be publicly disclosed without our express written consent from an appropriately authorised endeavour group employee.

It will be viewed as a collaboration if security vulnerabilities are reported to us in accordance with this policy. In the event that a security vulnerability is not reported in accordance with this policy, we reserve all of our legal rights. 

We acknowledge that responsible security research will occur and will work with the security research community. 

The following list, which is not exhaustive, contains the types of techniques that are not permitted during research activities:

- Any activities that violate laws or regulations
- Clickjacking
- Social engineering or phishing attacks
- Accessing or attempting to access accounts or data
- Attempting to or actually destroying data
- Data exfiltration including site replication
- Denial of service (DoS) or distributed denial of service (DDoS) attack
- Physical attacks

2. How to Report a Security Vulnerability

‍To report a security vulnerability to the Endeavour Group Cyber Security team email [email protected] with the subject: INDEPENDENT SECURITY RESEARCHER ADVISORY. 

Please include as much information as possible to help us reproduce the vulnerability. This includes, but is not limited to: 

- An explanation of the potential security vulnerability.
- The steps taken to produce the vulnerability 
- Your contact details

When a report is made for a new vulnerability, we ask that you keep the information confidential and do not make your research public until we have completed our investigation and where applicable, have remediated or mitigated the vulnerability.

3. What Happens Next?

Once a security vulnerability has been reported we will aim to respond to you with an initial response within 5 business days. We will keep you informed of our progress on addressing the potential vulnerability. We will also inform you when the vulnerability has been remediated or mitigated.

We do not compensate individuals or organisations for identifying potential or confirmed security vulnerabilities but we will publicly recognise the researchers who discovered the vulnerability, subject to their consent.  

4. Recognition for Identifying Vulnerabilities

Below are the names or aliases of researchers who have identified and disclosed security vulnerabilities to us in accordance with our Vulnerability Disclosure Policy.

News and media
Careers
Contact us
Become a supplier
About us
Our brands
Sustainability
Investor relations

Explore

We acknowledge the Traditional Custodians of Country throughout Australia and recognise their continuing connection to land, waters and community. We pay our respects to Elders past, present and emerging and commit to continued listening to and learning from First Nations’ voices.
↑
Copyright © 2022
Endeavour Group Limited – All rights reserved
Terms & ConditionsPrivacy at Endeavour GroupWhistleblowing policy

Sustainability news

The Royal Oak Hotel hosts first Vegan Festival exploring plant-based food and drinks
1
February
2024
Read
Dan Murphy’s champions the spirit of giving supporting National GIVIT Day
4
December
2023
Read
Dan Murphy’s launches rapid cooling technology to chill drinks in just three minutes
4
December
2023
Read
Partnership between ALH Hotels and former Yellow Wiggle Greg Page’s Heart of the Nation charity sees lifesaving AEDs rolled out to pubs across the country
25
October
2023
Read
Endeavour Group reminds customers to Always respect, always DrinkWise this footy finals season
30
August
2023
Read
Zero the new hero as Dan Murphy’s opens the doors to its first bar
29
March
2022
Read
News and media
Careers
Contact us
Become a supplier
Retail supplier
Non-retail supplier
About us
Our brands
Sustainability
Investor relations

Explore

We acknowledge the Traditional Custodians of Country throughout Australia and recognise their continuing connection to land, waters and community. We pay our respects to Elders past, present and emerging and commit to continued listening to and learning from First Nations’ voices.
↑
Copyright © 2022
Endeavour Group Limited – All rights reserved
Terms & ConditionsPrivacy policyWhistleblowing policy

Sustainability news

The Royal Oak Hotel hosts first Vegan Festival exploring plant-based food and drinks
1
February
2024
Read
Dan Murphy’s champions the spirit of giving supporting National GIVIT Day
4
December
2023
Read
Dan Murphy’s launches rapid cooling technology to chill drinks in just three minutes
4
December
2023
Read
Partnership between ALH Hotels and former Yellow Wiggle Greg Page’s Heart of the Nation charity sees lifesaving AEDs rolled out to pubs across the country
25
October
2023
Read
Endeavour Group reminds customers to Always respect, always DrinkWise this footy finals season
30
August
2023
Read
Zero the new hero as Dan Murphy’s opens the doors to its first bar
29
March
2022
Read