Security Issues
Found a vulnerability? We take security seriously. This page explains how to responsibly report a security issue to the SealsTrust team, what details to include, and how we investigate and respond to every report.
Security Issues & Vulnerability Disclosure
If you believe you have discovered a security vulnerability in any SealsTrust product or platform, please contact us immediately. We appreciate your assistance in keeping our network secure.
1. Responsible Disclosure Policy
SealsTrust takes the security of our authentication network very seriously. We encourage independent security researchers to act responsibly by reporting potential vulnerabilities to our engineering team before making them public. This allows us to assess, patch, and protect our clients effectively.
2. How to Report a Vulnerability
Please submit all security-related reports to our dedicated security contact:
- Email: security@sealstrust.com
- Subject Line: SECURITY REPORT: [Brief Description of Issue]
We aim to acknowledge receipt of all reports within 48 business hours.
3. What to Include in Your Report
To help us investigate effectively, please provide the following details:
- A clear description of the vulnerability (e.g., SQL injection, XSS, insecure API endpoint).
- Steps to reproduce the issue (PoC - Proof of Concept).
- Technical information such as URL, browser versions, or payloads used.
- Your contact information for follow-up questions.
4. Our Commitment
SealsTrust commits to:
- Investigating every report in a timely and professional manner.
- Working with you to understand and mitigate the issue.
- Protecting our researchers from legal action as long as they follow this responsible disclosure policy and do not exploit or disclose the data before it is patched.