Skip to content

Latest commit

 

History

History
37 lines (23 loc) · 2.12 KB

SECURITY.md

File metadata and controls

37 lines (23 loc) · 2.12 KB

Security Policy

Responsible Disclosure Policy

If you have discovered a security vulnerability in Transeptor Labs' systems, we encourage you to report it immediately. We are committed to maintaining our systems' security and appreciate the security community's assistance.

Reporting Guidelines

When reporting security vulnerabilities to us, please follow these guidelines: Provide a detailed description of the vulnerability, including a clear explanation of the issue and its potential impact. Please include proof of concept (PoC) or detailed steps to reproduce the vulnerability if possible. Make a good-faith effort to avoid privacy violations, data destruction, and disruptions to our services during your testing.

Reporting Process

To report a vulnerability, please email [email protected].

Upon receiving your report, we will:

  1. Acknowledge the receipt of your report within 3 business days and provide you with a unique identifier for future reference.
  2. Review and investigate the reported issue promptly.
  3. Keep informed of our progress and any necessary updates during the investigation and resolution process.

Responsible Disclosure Timeline

We appreciate your understanding and cooperation with the following disclosure timeline: Allow us a reasonable period to investigate and address the reported issue before any public disclosure or sharing of information. We request at least 10 days before any public announcement. We will provide an initial response within 10 days to acknowledge receipt of your report and confirm that we are addressing the issue. We aim to release a patched version or mitigation for the reported vulnerability within 30 days of the initial contact. This timeline may vary based on the issue's complexity, and we will keep you informed of our progress.

Scope

This policy applies to all systems and projects provided by Transeptor Labs, including our open-source projects and any related infrastructure.

Contact

If you have any questions or concerns about this security policy, please contact us at [email protected].