At Vizhil.com, we take the security of our systems and customer data seriously. We recognize the valuable role that security researchers and individuals in the broader community play in helping us identify and address potential vulnerabilities. Our Responsible Disclosure Policy outlines the guidelines and procedures for reporting security vulnerabilities to us in a responsible manner.
This policy applies to any security vulnerabilities identified in Vizhil.com's website, applications, or systems. It also covers vulnerabilities in third-party services or applications integrated with Vizhil.com that may impact the security of our platform or customer data.
We encourage the responsible disclosure of any security vulnerabilities that could compromise the confidentiality, integrity, or availability of our systems or customer information. This includes, but is not limited to, vulnerabilities such as:
To report a security vulnerability, please send an email to [Security Email Address] with a detailed description of the vulnerability, including steps to reproduce, any proof-of-concept code or screenshots, and any additional information that may be relevant.
We encourage researchers to encrypt sensitive information using our PGP public key, which can be obtained upon request.
We commit to acknowledging receipt of your report within [specified timeframe] and to providing regular updates on the status of our investigation and resolution efforts.
We ask that you refrain from disclosing details of the vulnerability to the public or third parties until we have had an opportunity to assess and address the issue.
We will not take legal action against security researchers who act in good faith and adhere to the guidelines outlined in this policy.
We respect the confidentiality and anonymity of security researchers who report vulnerabilities to us. If requested, we will work with researchers to provide credit for their findings in accordance with their preferences.
Researchers must refrain from any actions that could cause harm to Vizhil.com, its users, or its systems during their investigation.
Researchers must comply with all applicable laws and regulations and respect the privacy of our users and their data.
Researchers should not exploit or attempt to exploit identified vulnerabilities for any purpose other than to demonstrate the existence of the vulnerability and assist us in mitigating the risk.
While we greatly appreciate the efforts of security researchers in helping us maintain the security of our systems, we do not currently offer financial rewards or bounties for vulnerability disclosures.
Security Email Address: [email protected]
PGP Public Key: Available upon request