Vulnerability Disclosure Program
We are committed to ensuring the security of our users and systems. Our Vulnerability Disclosure Program encourages security researchers to responsibly report vulnerabilities in our services.
About Our VDP
At Cyber Mounties, we value the contributions of the security community in helping us maintain a secure environment. This program outlines how to report security vulnerabilities for our domains and services.
Scope
This VDP applies to all services and subdomains under:
- *.cyberm.ca
Reporting a Vulnerability
If you discover a potential security vulnerability, please report it to us via email at: [email protected]
Please include the following details in your report:
- A detailed description of the vulnerability.
- Steps to reproduce the issue.
- The affected domain or service (e.g., specific subdomain of *.cyberm.ca).
- Your contact information for follow-up.
Guidelines
To ensure responsible disclosure, please adhere to the following guidelines:
- Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue.
- Do not publicly disclose vulnerabilities without our consent.
- Do not access or modify user data without permission.
- Follow all applicable laws and regulations.
Our Commitment
We will:
- Acknowledge receipt of your report within 5 business days.
- Work with you to validate and address the vulnerability.
- Keep you informed about the resolution process.
- If you are a member or volunteer at Delta Obscura or Cyber Mounties, you will be rewarded with a bounty of $20 (CAD)
- If you are not working with us but still report a vulnerability, you will be rewarded with a Hall of Fame mention on cyberm.ca
Contact
For any questions about this program, please reach out to [email protected] .