Security & Responsible Disclosure
How to report a potential EmberGrids security issue responsibly.
Report a vulnerability
Email security@embergrids.com with the affected host or path, a clear description, reproducible steps, impact and safe supporting evidence. Do not include secrets in ordinary email; request a secure transfer route if needed.
What not to test
Do not access or alter other people’s data, perform denial-of-service or destructive testing, send spam, use social engineering, persist access, compromise suppliers or exceed what is necessary to demonstrate the issue. Stop if sensitive data is encountered.
Our process
EmberGrids will acknowledge a credible report, investigate, communicate material progress when practical and coordinate remediation. This policy does not promise a bug bounty, payment, safe harbor beyond applicable law or a specific resolution date.