Vulnerability Disclosure
Last Updated: October 1, 2024
Security is a core priority at Delivami. We welcome reports from independent security researchers who find vulnerabilities in our platform.
1. How to Report
If you believe you have found a security vulnerability in Delivami, please send an email to security@delivami.com. Please include a detailed description of the vulnerability, steps to reproduce it, and any potential impact.
2. Responsible Disclosure Rules
When conducting security research, please adhere to the following rules:
- Do not exploit the vulnerability beyond what is necessary to prove its existence (do not access other users' data, delete data, or disrupt services).
- Do not perform Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks.
- Do not engage in physical, social engineering, or phishing attacks against our staff or users.
- Give us a reasonable amount of time to fix the issue before making any information public.
3. Safe Harbor
If you conduct your research in good faith and follow these rules, we will not pursue legal action against you or ask law enforcement to investigate you.
4. Rewards
While we do not currently operate a paid bug bounty program, we are happy to provide public acknowledgment or Delivami swag for valid, high-impact security reports.
