Skip to content

Security: eyalb181/mirrord

Security

SECURITY.md

Security

Contact: security@metalbear.co

Keeping mirrord secure is a top concern for us. Nevertheless, despite our best efforts to fortify it, vulnerabilities may still be present.

If you come across a vulnerability, please inform us promptly so we can resolve it as soon as possible. We kindly request your assistance in enhancing the security of both our clients and our systems.

Reporting a Vulnerability

In Scope Vulnerabilities:

  • Any security issues that might put at risk the confidentiality, integrity, or accessibility of our systems or data.

Reporting Instructions:

  1. Email your findings to security@metalbear.co.

  2. Please do not exploit the vulnerability or issue you've found.

  3. Please keep the issue confidential until we've fixed it.

  4. Do not use attacks on physical security, social engineering, distributed denial of service, spam, or third-party applications.

  5. Please share enough details for us to understand and fix the issue as fast as we can.

What We Promise

  1. We'll get back to you within 3 business days with our assessment of the report and an estimated date of when we expect to resolve it.

  2. We will not take any legal action against you related to the report, if you have adhered to the reporting instructions above.

  3. We'll treat your report with utmost confidentiality and won't share your personal information with third parties without your consent.

  4. We'll be keeping you updated of the progress toward fixing the issue.

  5. We'll credit you as the discoverer of the issue (unless you request otherwise) in public disclosures of the reported issue.

  6. We aim to resolve all issues promptly and are eager to actively contribute to the ultimate publication on the problem, once the problem has been resolved.

We truly value your contributions in strengthening our security.

There aren’t any published security advisories