Security

Responsible Disclosure

We are a security company. If you have found a vulnerability in our website or systems, we want to hear from you.

security.txt available at /.well-known/security.txt

Reporting a vulnerability

Please email devopriyajoshi@gmail.com with the subject line "Security — Responsible Disclosure". Include enough detail to reproduce the issue: affected URL or component, steps, and impact. If you wish to encrypt your report, request our PGP key in your first message.

Our commitment

  • We will acknowledge your report within 3 working days.
  • We will keep you informed of remediation progress.
  • We will not pursue legal action against researchers who act in good faith under this policy.

Scope

  • In scope: sarvsuraksha.com and its sub-paths.
  • Out of scope: denial-of-service, social engineering, physical attacks, and findings in third-party services (e.g. the hosting provider, fonts CDN).

Safe harbour

Testing must not harm the service or other users, must not access, modify or exfiltrate data that is not yours, and must stop at the first sign of a vulnerability. Good-faith research under these conditions is authorised.

Recognition

With your permission, we are glad to credit researchers who responsibly disclose valid issues.