If you would like to report a vulnerability or have a security concern regarding Zygon products and services, please email firstname.lastname@example.org. We will respond to you and acknowledge receipt of your report.
Once your report has been submitted, we will work to validate the reported vulnerability and will reach out to you if additional information is required.
To help us triage and remediate potential findings, the vulnerability report should:
We ask that you do not share or publicize an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, the Zygon team and associated development organizations will use reasonable efforts to:
We are happy to thank every individual researcher who submits a vulnerability report helping us improve our overall security posture at Zygon.
Any activities conducted in a manner consistent with this policy will be considered authorized conduct, and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.