CyberGuardian

Security & Responsible Disclosure

We take security seriously. If you discover a vulnerability in our platform, we encourage you to report it responsibly. We commit to working with you to understand and address the issue quickly.

Process

How to Report a Vulnerability

01
Submit a Report

Email security@cyberguardian.io with a clear description of the vulnerability, steps to reproduce, and any supporting evidence (screenshots, PoC code).

02
Acknowledgement within 48h

We will acknowledge receipt of your report within 48 business hours and provide an initial assessment of the severity and scope.

03
Investigation & Fix

Our security team investigates the report and works on a fix. We will keep you updated on progress and expected resolution timeline.

04
Coordinated Disclosure

Once the fix is deployed, we coordinate public disclosure with you. Researchers who follow this policy will receive credit in our security advisories.

Rules of Engagement

What we ask of researchers

Provide sufficient detail to reproduce the issue
Act in good faith — we will do the same
Do not access, modify, or delete data that does not belong to you
Do not perform attacks that could harm availability of our services
Do not publicly disclose vulnerabilities before we have had time to fix them
Scope

What's In Scope

In Scope
  • Authentication and authorization flaws
  • Remote code execution (RCE)
  • SQL injection / NoSQL injection
  • Cross-site scripting (XSS)
  • Privilege escalation
  • Sensitive data exposure
Out of Scope
  • Denial of service (DoS / DDoS)
  • Social engineering or phishing of staff
  • Physical security attacks
  • Spam or email flooding
  • Vulnerabilities in third-party services we do not control
Contact

Ready to report?

Send your vulnerability report directly to our security team. We respond to all valid reports within 48 business hours.

security@cyberguardian.io
© 2026 CyberGuardian Made in Bulgaria
Privacy PolicyTermsGDPR