For Employees For Employers About
Flare Cars
Novated leasing
About Flare CarsHow it worksIs a novated lease worth it?Electric vehiclesFAQs
Get started
Calculate savingsLatest dealsIn stock vehiclesCar brandsDriver stories
Lease a PHEV before April 1 2025 & pay no FBT

Plus get a $500 cashback from us. Browse our range of top selling Australian PHEVs today

Browse now
Contact & support
Existing Flare member
Flare account loginDriver portal login
Support
Contact Flare CarsHelp with benefits app/portalHelp with onboarding
Contact the Flare team

Still haven't found what you're looking for? We're here to help.

Contact us
Calculate savings
Benefits program
Flare Benefits
Benefits managementBenefits calculatorNovated leasingBenefits appOnboarding with benefits
Get started
Benefits calculatorPricingAccess your industry data
Flare National Employee Benefits Index

Explore insights from our comprehensive survey of 1500+ Australian workers across a variety of industries, revealing the benefits that genuinely make an impact.

Explore now
Solutions
Solutions
Attracting talentRetaining talentEmployee remuneration
Segments
For enterpriseFor mid-marketFor SMEIndustry data
Struggling with high employee turnover?

Elevate your talent attraction and retention with free employee benefits. Uncover a platform that effortlessly entices, engages, and retains your valuable staff.

Get a free demo
Customer stories
Featured customers
HealiusSee all stories
Industries
Talent managementEducationHealthcare
Flare customers at Healius have a retention rate of 98%.

See how leading healthcare organisation Healius turned turnover into triumph with Flare employee benefits.

Read Healius’ story
Resources
Guides
Workplace wellbeing guideEVP GuideFinancial wellbeing guide
Other Content
ArticlesSuccess storiesFactsheets
Take a deep dive into your industry’s data

Develop your business skills and HR expertise with the Flare Benefits Resource Hub. Get access to helpful tools, articles, guides, webinars, and other on-demand resources that can help your business attract, hire, and retain top talent.

Explore insights from our comprehensive survey of 1500+ Australian workers across a variety of industries, revealing the benefits that genuinely make an impact.

Explore the National Employee Benefits Index
Contact & support
Existing customers
Help with benefits for our employeesHelp with onboarding employeesHelp with employee managementLogin to Flare account
Contact us
Send us feedbackRequest a demo
Contact the Flare team

Still haven't found what you're looking for? We're here to help.

Get in touch
Request a demo
About Flare
Careers
Login
Menu Calculator your savings
For Employees
Flare Cars
Novated leasing
About Flare CarsHow it worksIs a novated lease worth it?Electric vehiclesFAQs
Get started
Calculate savingsLatest dealsIn stock vehiclesCar brandsDriver stories
Contact & support
Existing Flare member
Flare account loginDriver portal login
Support
Contact Flare CarsHelp with benefits app/portalHelp with onboarding
Calculate savings
For Employers
Benefits program
Flare Benefits
Benefits managementBenefits calculatorNovated leasingBenefits appOnboarding with benefits
Get started
Benefits calculatorPricingAccess your industry data
Solutions
Solutions
Attracting talentRetaining talentEmployee remuneration
Segments
For enterpriseFor mid-marketFor SMEIndustry data
Customer stories
Featured customers
HealiusSee all stories
Industries
Talent managementEducationHealthcare
Resources
Guides
Workplace wellbeing guideEVP GuideFinancial wellbeing guide
Other Content
ArticlesSuccess storiesFactsheets
Contact & support
Existing customers
Help with benefits for our employeesHelp with onboarding employeesHelp with employee managementLogin to Flare account
Contact us
Send us feedbackRequest a demo
Request a demo
Guidessssss
Other Content
About
About Flare
About Flare
Who we areJob openings
Who we work with
CustomersPartners
Careers
Flare Cars

Report Security Vulnerability

Flare is committed to resolving any issues that may compromise the security of our products and services as quickly as possible. We take security vulnerabilities very seriously and protecting customer data is one of our top priorities.

How to report a vulnerability

If you think you’ve found a security vulnerability in Flare products, services or online platforms, please contact us immediately via email. Keep your findings confidential and disclose the relevant information to us in a responsible manner by encrypting your report with our PGP key.
Please also advise if you have communicated the vulnerability to CERT or other parties and provide us with any reference numbers.

Email contact

[email protected]

PGP Key

c8bf8a0c

Fingerprint

d060 0c78 450f 1e99 cecd 62d9 e473 6f09 c8bf 8a0c

What to include in your report

  • An explanation of the security vulnerability
  • A list of the products and services that may be affected (versions where applicable)
  • Steps to reproduce the vulnerability
  • Proof-of-Concept code or software
  • Test accounts you have created
  • URLs, IP addresses or infrastructure associated with the vulnerability (if relevant)
  • Your contact information, such as your organisation and contact name for ongoing communication

Rules of engagement

Please do not...

  • Take advantage of a security vulnerability.
  • Access, delete or modify Flare or client data.
  • Publicly disclose a vulnerability until it has been resolved.
  • Download more data than necessary to demonstrate a vulnerability.
  • Attempt to break into customer accounts.
  • Ask for compensation for your report.
  • Use Social Engineering, Denial of Service or Phishing attacks.

Excluded issues

The following items are known issues or accepted risks and are out of scope for this vulnerability reporting program.
  • Clickjacking.
  • SPF, DKIM, DMARC issues.
  • Missing additional security controls, such as HSTS or CSP headers.
  • Brute-force, / Rate-limiting, / Velocity throttling, and other denial of service based issues.
  • Any vulnerability found on the support.flarehr.com subdomain should be reported directly to Zendesk via their bug bounty program.

Next steps

Step 1

Please maintain confidentiality and do not make your research public until we have completed our investigation and implemented patches or other mitigations.

Step 2

The Flare security team will endeavour to contact you within 72 hours of you reporting the security vulnerability and keep you informed on our progress towards resolving the vulnerability.

Step 3

We will notify you when the vulnerability has been patched or mitigated. Your name can be added to our list of acknowledgments if your submitted vulnerability is valid.

Acknowledgements

Flare would like to thank the following researchers who have helped us improve security through our responsible disclosure program.
  • Akshay Parse
  • Barhaam
  • Cheripally Sathwik
  • Fabian Mucke
  • Gideon Cole
  • Harsh Maheta
  • Jakia Akter sorna
  • Karl Aparece
  • Kinshuk Kumar
  • Kunal Narsale
  • Mohd Ali (revengerali)
  • Mohd Asif Khan
  • Netan Mangal
  • Pavan Baile
  • Sakshi Patil
  • Shubham Panchal
  • Yukesh Kumar

Report Security Vulnerability Flare is committed to resolving any issues that may compromise the security of our products and services as quickly as possible. We take security vulnerabilities very seriously and protecting customer data is one of our top priorities. How to report a vulnerability If you think you’ve found a security vulnerability in Flare […]