Aberrant’s objective is to foster collaboration and openness with the security community.

Scope

Aberrant's Disclosure Policy covers our core platform.

Legal Posture

Aberrant depends on the collaboration of the security community. As a result, in the spirit of openness Aberrant will never pursue legal action against individuals who report security vulnerabilities to us. This includes:

• Engage in scans or vulnerability testing that is benign in nature.
• Product testing that does not negatively impact our customers or clientele.
• Testing of any sort that complies with relevant laws and/or applicable regulations.
• Refrain from the disclosure of vulnerabilities prior to the expiration of a mutually agreed-upon timeframe.

Submitting a Vulnerability

To submit a report please:

• Submit your report in English.
• Describe how you found the vulnerability.
• Provide steps to reproduce the vulnerability
• Provide any remediation or workarounds to mitigate the issue.
• Your plans regarding disclosure of the vulnerability. 
   

We will respond to vulnerabilities submitted to us within 5 business days. Please send security vulnerabilities to: security@aberrant.io.