Cyber Security Pentesting Inc. is committed to working with the security research community to identify and address vulnerabilities responsibly.
Scope
This policy applies to vulnerabilities discovered in our own web properties: cybersecpentesting.com and any associated subdomains.
How to Report
Please report security vulnerabilities by email to: security@cybersecpentesting.com
Encrypt sensitive reports using our PGP key (available on request).
What to Include
A description of the vulnerability, steps to reproduce, potential impact, and any proof-of-concept code or screenshots.
Our Commitments
We will acknowledge receipt within 48 hours, provide a timeline for remediation, and credit researchers who responsibly disclose vulnerabilities (unless anonymity is requested). We will not pursue legal action against researchers who follow this policy in good faith.
Out of Scope
Social engineering attacks against our staff, physical security testing, denial of service attacks, and automated scanning that impacts availability.