Security & disclosure

Responsible disclosure

We welcome reports from security researchers. If you believe you've found a vulnerability affecting NexarisTech, please tell us.

How to report

Email security@nexaristech.com with a description of the issue, the affected asset, and steps to reproduce. Our machine-readable policy is published at /.well-known/security.txt (RFC 9116).

Our commitment

  • We acknowledge reports promptly and keep you updated.
  • We will not pursue legal action for good-faith research conducted under this policy.
  • Please allow us reasonable time to remediate before public disclosure.

Please avoid

  • Accessing or modifying data that isn't yours.
  • Denial-of-service, spam, or social-engineering of our staff or clients.