We welcome security research

If you believe you have found a security issue on a Cybervahak-operated site or product, please report it to security@cybervahak.com with steps to reproduce.

Safe harbour

We will not pursue legal action against good-faith researchers who follow this policy, do not access data beyond what is necessary to demonstrate impact, and give us 90 days to remediate before public disclosure.

Out of scope

Denial-of-service attacks, social engineering of staff, and physical security testing are out of scope without prior written authorisation.

Recognition

We maintain a hall of fame for researchers who help us stay safe.