Reporting Security Vulnerabilities
At DigitalMaas, we take the security of our systems and user data seriously. We appreciate the efforts of security researchers and the broader community in helping us maintain a secure environment for everyone. If you have discovered a potential security vulnerability, we encourage you to report it to us in a responsible and coordinated manner.
To report a security vulnerability, please follow these guidelines:
- Email: Send an email to firstname.lastname@example.org with the subject line “Security Vulnerability Report.”
- Include Details: Provide a detailed description of the vulnerability, including steps to reproduce, potential impact, and any supporting materials (such as proof-of-concept code or screenshots).
- Contact Information: Include your contact information, including your name and a method for us to reach you if further clarification or information is needed.
Responsible Disclosure Guidelines
- Act in Good Faith: We appreciate your efforts to disclose your findings responsibly and ethically. Please act in good faith and avoid any malicious activities.
- Provide Adequate Details: Include enough details in your report to allow us to understand and validate the issue. The more information you provide, the better we can address the vulnerability.
- Give Us Time to Respond: Allow us a reasonable amount of time to investigate and address the reported vulnerability before publicly disclosing it.
- Respect User Privacy: Avoid accessing or modifying user data without explicit consent. Respect user privacy and comply with all applicable laws and regulations.
- No Monetary Compensation: Currently, we do not offer monetary compensation for reported vulnerabilities. However, we appreciate your contribution to the security of our platform.
- Timely Response: We are committed to acknowledging the receipt of your report within 3 business days and keeping you informed of the progress.
- Collaboration: We value the security community’s efforts and may be open to collaboration on addressing the vulnerability, with due credit given to the reporting party.
- Resolution: We will make reasonable efforts to address and resolve the reported vulnerability promptly.
We appreciate your responsible disclosure of security vulnerabilities. However, please be aware that any actions that violate applicable laws or our terms of service are not permitted.
Thank you for helping us keep DigitalMaas and our users safe and secure.