Delivami

Vulnerability Disclosure

Last Updated: October 1, 2024

Security is a core priority at Delivami. We welcome reports from independent security researchers who find vulnerabilities in our platform.

1. How to Report

If you believe you have found a security vulnerability in Delivami, please send an email to security@delivami.com. Please include a detailed description of the vulnerability, steps to reproduce it, and any potential impact.

2. Responsible Disclosure Rules

When conducting security research, please adhere to the following rules:

  • Do not exploit the vulnerability beyond what is necessary to prove its existence (do not access other users' data, delete data, or disrupt services).
  • Do not perform Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks.
  • Do not engage in physical, social engineering, or phishing attacks against our staff or users.
  • Give us a reasonable amount of time to fix the issue before making any information public.

3. Safe Harbor

If you conduct your research in good faith and follow these rules, we will not pursue legal action against you or ask law enforcement to investigate you.

4. Rewards

While we do not currently operate a paid bug bounty program, we are happy to provide public acknowledgment or Delivami swag for valid, high-impact security reports.