Secureweb Vulnerability Disclosure Program

At SecureWeb, we prioritize the security of our online assets and value the contributions of ethical hackers and security researchers. Secureweb Vulnerability Disclosure Program outlines how to responsibly report security vulnerabilities in our systems. Help us keep SecureWeb safe by identifying and reporting potential vulnerabilities.


Our Vulnerability Disclosure Program covers all digital assets within SecureWeb‘s online presence, including:

The following actions are prohibited during testing:

  • Distributed denial of service (DDoS) attacks
  • Spamming or phishing attempts
  • Physical security tests (e.g., facility breaches)

If you discover a security issue, report it by:

  1. Emailing the details to [email protected].
  2. Providing comprehensive information, including:
    • Detailed vulnerability description
    • Steps to reproduce the issue
    • Supporting files (e.g., screenshots, logs, videos)
    • Potential impact assessment

We aim to acknowledge your report within 2 business days and begin an investigation promptly.


Once a report is submitted:

  • We will investigate the vulnerability as soon as possible.
  • You will receive updates on our progress.
  • Valid issues will be addressed in a timely manner.

We request that you:

  • Keep the vulnerability confidential until it has been resolved.
  • Allow us enough time to fix the issue before public disclosure.

While SecureWeb does not offer monetary rewards at this time, security researchers with valid reports will be recognized on our Hall of Fame page: Hall of Fame.


To ensure responsible vulnerability disclosure, please:

  • Avoid exploiting the vulnerability beyond the proof of concept.
  • Respect the privacy of SecureWeb users by not accessing their data.
  • Minimize disruption to services while testing.

The following issues are not within the scope of this program:

  • Social engineering or phishing techniques
  • Vulnerabilities in third-party services not operated by SecureWeb
  • Issues related to outdated or unsupported browsers, plugins, or software

For further clarification or to submit a vulnerability, contact us at [email protected]