Responsible Disclosure
Report security vulnerabilities responsibly to AOBRAIN.
Security Contact
If you discover a security vulnerability in AOBRAIN services, please report it to:
Safe Harbor
AOBRAIN supports responsible security research and will not pursue legal action against researchers who:
- Report vulnerabilities in good faith
- Make a good faith effort to avoid privacy violations and service disruption
- Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue
- Allow us reasonable time to address the issue before public disclosure (90 days)
- Do not access, modify, or delete data belonging to others
What to Include
When reporting a vulnerability, please include:
- • Description of the vulnerability and its potential impact
- • Steps to reproduce the issue
- • Proof of concept (if applicable)
- • Your contact information for follow-up
- • Any relevant screenshots, logs, or technical details
Our Commitment
When you report a security issue, we commit to:
24 Hours
Acknowledge receipt of your report
5 Business Days
Provide initial assessment
Regular Updates
Keep you informed of progress
Public Credit
Recognition for your discovery (if desired)
Recognition
We maintain a security researchers hall of fame to recognize those who help us improve our security. If you would like to be included, please let us know when you submit your report.
Security Researchers Hall of Fame (Coming Soon)
Out of Scope
The following are generally considered out of scope:
- Social engineering attacks against employees or users
- Physical attacks against our facilities or personnel
- Denial of service (DoS/DDoS) attacks
- Issues in third-party services we don't control
- Vulnerabilities requiring unlikely or excessive user interaction
- Spam or social engineering content
Thank You
We appreciate the security research community's efforts to help keep AOBRAIN and our users safe. Your responsible disclosure helps us maintain the highest security standards.
Report a Vulnerability