Security Vulnerability Disclosure
Humdrum takes the security of our systems and the protection of data seriously. If you believe you have discovered a security vulnerability in our platform, we encourage you to report it responsibly.
How to report
Email cybersecurity@humdrum.au with a description of the vulnerability, including steps to reproduce it if possible. Please include your contact details so we can follow up.
What to include
A clear description of the vulnerability, the affected system or URL, steps to reproduce the issue, and the potential impact as you understand it.
Our commitment
We will acknowledge your report within 48 hours. We will keep you informed of our progress in addressing the issue. We will not take legal action against individuals who report vulnerabilities in good faith and in accordance with this policy.
What we ask
Do not access, modify, or delete data belonging to other users. Do not publicly disclose the vulnerability until we have had a reasonable opportunity to address it. Do not use automated scanning tools against our production systems without prior written approval.
Scope
This policy applies to the following systems: humdrum.app, humdrum.au and associated support systems.
Recognition
We appreciate the efforts of security researchers in helping us maintain the security of our platform. With your permission, we are happy to acknowledge your contribution.
‍
.png)
