Responsible Disclosure Policy

 

At Aura Web Development, we take the security of our website seriously. We welcome and encourage security researchers, ethical hackers, and individuals who discover potential vulnerabilities in our website to responsibly disclose them to us. By working together, we can address security issues promptly and protect our website and its users from harm.

 

Reporting Vulnerabilities

If you believe you’ve discovered a security vulnerability in our website or systems, we ask that you responsibly disclose it to us by following these steps:

1. Review Our Scope: Before reporting a vulnerability, please review our scope to ensure that it falls within the scope of our responsible disclosure policy. Our scope includes vulnerabilities related to our website, web applications, and associated services.

2. Gather Information: Please provide us with as much information as possible about the vulnerability, including a detailed description of the issue, steps to reproduce it, and any proof-of-concept code or evidence you may have.

3. Contact Us: To report a vulnerability, please send an email to ashley@aurawebdevelopment.com. Please refrain from publicly disclosing the vulnerability until we’ve had an opportunity to address it.

4. Response and Coordination: Upon receiving your report, we will review the information provided and investigate the reported vulnerability. We will acknowledge receipt of your report and provide updates on our progress as we work to address the issue.

 

Guidelines for Researchers

We ask that researchers adhere to the following guidelines when reporting vulnerabilities to us:

 

  • Do not exploit or further investigate the vulnerability beyond what is necessary to confirm its existence and impact.
  • Do not disclose the vulnerability to others or publicly disclose it until we’ve had an opportunity to address it.
  • Respect the privacy and integrity of our systems and users at all times.
  • Provide sufficient information to allow us to reproduce and validate the reported vulnerability.

 

Legal Protections

Aura Web Development is committed to protecting researchers who report vulnerabilities to us in good faith. We will not pursue legal action against individuals who follow our responsible disclosure process and adhere to our guidelines. However, we reserve the right to take appropriate action in cases of malicious behavior or unauthorized access.

 

Recognition and Acknowledgment

We value the contributions of security researchers who help us improve the security of our website and systems. With your permission, we may publicly acknowledge and recognize researchers who report valid vulnerabilities to us.

 

Contact Us

If you have any questions or concerns about our responsible disclosure policy, please contact us at ashley@aurawebdevelopment.com.