Security
Vulnerability Disclosure Program (VDP)
Help us keep DefAgent secure by reporting security vulnerabilities responsibly.
Security first
Security is our highest priority.
At DefAgent Technologies Inc., the security of our users, infrastructure, and partners is our highest priority. We welcome responsible disclosures and appreciate your efforts in helping us protect our mission-critical systems.
Reporting
How to report a vulnerability.
Send us a complete, reproducible report so our security team can validate and remediate the issue quickly.
- Send an email to: security@defagent.io
- Include a clear description of the vulnerability.
- Provide step-by-step instructions to reproduce the issue.
- Attach any relevant logs, screenshots, or proof-of-concept code.
- Describe the potential impact or exploitability.
Out of scope
Please do NOT.
Activities that compromise the integrity, availability, or confidentiality of our systems fall outside the scope of good-faith research.
- Access, modify, or delete data that does not belong to you.
- Use tools that may affect service availability or cause disruption.
- Publicly disclose the vulnerability without coordination.
What to expect
Important notes.
- Only complete, reproducible, and impactful reports will receive a response.
- We may not reply to low-risk or duplicate issues.
- Good-faith reports following this policy will not face legal action.
Thank you for helping us make DefAgent more secure.
Found a security issue?
Send a complete, reproducible report to our security team. Good-faith reports following this policy will not face legal action.