Reporting Security Issues
If you discover a security vulnerability affecting brydansolutions.com or our services, we appreciate your responsible disclosure. Please email us at [email protected] with details of what you found.
What to Include in Your Report
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Your contact information (so we can follow up)
Our Commitments
When you submit a vulnerability report in good faith, we will:
- Acknowledge receipt within 3 business days
- Investigate and validate the issue
- Keep you informed of our progress
- Credit you publicly if you wish (and if appropriate)
Scope
This policy applies to:
- brydansolutions.com and all subdomains
- Our public-facing web applications and APIs
This policy does not apply to:
- Our clients' systems (please report those to the client directly)
- Third-party vendors and services we use
- Social engineering attacks against our staff
Out of Scope Issues
We are aware of and accept the following:
- Findings from automated scanners without proof of exploitability
- Best-practice recommendations without actual security impact
- Self-XSS or issues requiring physical access to the user's device
- Missing security headers without demonstrable exploit
- Email spoofing concerns (we use SPF/DKIM/DMARC; further hardening is on our roadmap)
Safe Harbor
If you make a good-faith effort to comply with this policy, we will not pursue legal action against you for your security research. We ask that you:
- Avoid privacy violations and disruption to our services
- Do not access or modify data beyond what is necessary to demonstrate the issue
- Do not perform attacks against our infrastructure
- Give us reasonable time to respond before public disclosure
Contact
Email: [email protected]
Phone: (702) 333-0333
Address: 6655 W Sahara Ave Ste E100, Las Vegas, NV 89146
