Responsible Disclosure Policy

  • Home
  • Responsible Disclosure Policy
shape
shape
shape
shape
Security is a shared responsibility.
Thank you for being a cog in this wheel.

Responsible Disclosure Policy

Last Updated: May 05, 2025

At SECASURE, we take the security of our users, systems, and data seriously. We welcome responsible disclosures of vulnerabilities from independent researchers and professionals who help us identify and fix issues before they can be exploited. Although we do not maintain and run a bug bounty program - we value every single contribution made towards securing our ecosystem.

What We Ask From You

  • Act in good faith to protect privacy, data, and service availability.
  • Do not access or alter data that does not belong to you.
  • Report the issue with sufficient details to help us reproduce and understand it.
  • Give us a reasonable window to investigate and resolve the issue before making it public.

What You Can Expect From Us

  • A response within 2-7 business days of your report.
  • Recognition through a Certificate of Appreciation for valid, impactful findings.
  • Invite-based opportunities for internships or full-time roles for outstanding contributors - though this doesn't mean you hack and break systems to prove capabilities :)

Scope

This policy applies to vulnerabilities found in:

  • Domains under *.secasure.com
  • Our official web applications
  • APIs owned and operated by SECASURE

Legal Safe Harbor

If you act in accordance with this policy and in good faith, we will consider your security research to be authorized and will not initiate legal action. This approach aligns with the principles of ISO/IEC 29147:2018, the international standard for vulnerability disclosure.

Reporting a Vulnerability

You can report potential security issues to us via email:

Email: security@secasure.com
Subject: Vulnerability Disclosure – [Short Summary]

Please include the following in your report:

  • Steps to reproduce the issue
  • Potential impact
  • Supporting material (e.g., screenshots, PoC code)
  • Your name or hacker handles for acknowledgment (optional)

Closing Note

We value your time and effort in reporting responsibly. Your collaboration helps us deliver a safer experience for everyone who relies on SECASURE.