Trust Center
Responsible Disclosure
We welcome good-faith security research into our products and infrastructure, and we commit to working with you, not against you.
How to report
Email security@offloadsecurity.com
with a description of the issue, steps to reproduce, and any relevant
proof of concept. A machine-readable pointer is published at
/.well-known/security.txt.
What we commit to
- Acknowledgement within 2 business days
- An assessment and expected timeline within 10 business days
- No legal action for good-faith research that respects the guidelines below
- Credit for the finding, if you want it, once fixed
Guidelines
- Do not access, modify, or delete data that is not yours; use test accounts wherever possible
- No denial-of-service, spam, social engineering, or physical attacks
- Give us a reasonable window to remediate before public disclosure