Skip to main content

Contact Arc XP Security

You may always contact Arc XP Security through the Arc XP Customer Support portal at https://support.arcpublishing.com. For any security-related communications, choose the option Report a Suspected Security Incident or Vulnerability from the list of available ticket types. This ensures that our security team is included on the support ticket, in addition to your normal customer support team members.

When submitting a ticket, choosing priority levels of P0 or P1 immediately pages a support member, any time, day or night. Use these levels if you require immediate attention from our team. All other priorities are handled promptly during normal business hours.

Should you need to contact the Arc XP security team by email for any reason, you may use the address . However, note that this inbox is shared and does not page any team members. The support portal is our preferred method of contact, and communications originating from it are tracked as support tickets.

You may have various reasons for contacting us. We’ve provided some guidance for typical reasons below.

Report an active security incident

If you are currently experiencing a security incident impacting your Arc XP site, notify us as soon as possible. We may be able to provide support and additional information to help you handle the situation and help to control or mitigate any ongoing attacks.

Report a potential security incident or current security threat

We encourage you to contact us if you believe your Arc XP site may be imminently targeted or attacked due to other monitoring, threat intelligence, or ongoing security incidents against other systems/parts of your organization. In such cases, we may be able to more closely monitor your site and alert you to any new behavior we observe during times of heightened alert. We can discuss potential short- or long-term security controls that may help manage attacker activity.

Reporting a suspected security vulnerability

If you are reporting a suspected security vulnerability, include the following details whenever possible:

  • The Complete URL/URI of the resource or endpoint in question.

  • Details about the vulnerability so that our team can validate and reproduce the issue.

  • A list of X-Arc-Request-Id HTTP response header values for requests that triggered the suspected vulnerability.

  • If reporting a vulnerability from a third-party security assessment, include the original finding/report as an attachment.

At this time, we do not operate a Bug Bounty/Reward program for reporting security vulnerabilities against Arc XP products or services.

Example ticket form

gen_client_support_form.png
In this section: