Responsible Disclosure
Report a security issue.
We take security reports seriously. If you've found a vulnerability in ArmedIQ, we'd like to hear about it so we can fix it and protect our users.
How to report
- Email security@armediq.com with a clear description of the issue.
- Include steps to reproduce, affected URLs or endpoints, and any relevant proof-of-concept.
- Let us know how you'd like to be credited if the report is confirmed.
- We'll acknowledge receipt promptly and keep you updated as we investigate.
Testing guidelines
- Give us reasonable time to remediate before making details public.
- Do not access, modify, or delete data that does not belong to you.
- Do not run automated scanners that generate significant traffic against production.
- Do not perform social engineering, physical, or denial-of-service testing.
- Use test accounts you control. If in doubt, ask us first.
What to expect from us
- A prompt acknowledgement of your report.
- Regular updates as we investigate and remediate.
- Credit for the discovery once the issue is resolved, if you'd like it.
- Good-faith treatment: we won't pursue legal action against researchers who follow these guidelines.
For general security questions, see the Security Center or read our privacy policy.
