Vulnerability Disclosure

Coordinated Vulnerability Disclosure Policy

 

At inmind.ai, we value the contributions of the security community in helping us maintain the safety and integrity of our systems. This policy outlines how to responsibly report security vulnerabilities.

 

Guidelines

  • Do not exploit the vulnerability beyond what is necessary to demonstrate it.
  • Do not access, modify, or delete data that does not belong to you.
  • Do not disrupt services or impact availability during testing.

 

Response Process

  1. Acknowledgment: We will confirm receipt of your report within 72 hours.
  2. Investigation: Our security team will assess the issue and determine severity.
  3. Remediation: We will work to resolve the vulnerability promptly.
  4. Disclosure: We may coordinate with you on public disclosure once a fix is in place.

 

Recognition

  • If permitted, we may acknowledge your contribution in our security advisories.
  • At this time, inmind.ai does not operate a formal bug bounty program, but we deeply appreciate responsible reporting.

 

All security findings should be sent to sec@inmind.ai
Let’s get started

Need expertise and innovation on your project? We can help.