Responsible Disclosure Policy

Our Commitment

At RedOps Security, we believe that the security of our systems is a top priority. We appreciate the work of security researchers and are committed to working with the community to identify and resolve vulnerabilities.

Guidelines

If you believe you have found a security vulnerability in our systems, please follow these guidelines:

• Notify us as soon as possible by emailing security@redops.security.
• Provide a detailed description of the vulnerability and steps to reproduce it.
• Do not exploit the vulnerability further or access unauthorized data.
• Give us a reasonable amount of time to resolve the issue before disclosing it publicly.

Exclusions

The following are excluded from our responsible disclosure program:

• Social engineering or phishing attacks.
• Physical security attacks.
• Denial of service (DoS) attacks.
• Vulnerabilities in third-party services.

Safe Harbor

We will not take legal action against researchers who discover and report vulnerabilities in accordance with these guidelines.