Responsible Disclosure

Report a security issue.

We take security reports seriously. If you've found a vulnerability in ArmedIQ, we'd like to hear about it so we can fix it and protect our users.

How to report

  1. Email security@armediq.com with a clear description of the issue.
  2. Include steps to reproduce, affected URLs or endpoints, and any relevant proof-of-concept.
  3. Let us know how you'd like to be credited if the report is confirmed.
  4. We'll acknowledge receipt promptly and keep you updated as we investigate.

Testing guidelines

  • Give us reasonable time to remediate before making details public.
  • Do not access, modify, or delete data that does not belong to you.
  • Do not run automated scanners that generate significant traffic against production.
  • Do not perform social engineering, physical, or denial-of-service testing.
  • Use test accounts you control. If in doubt, ask us first.

What to expect from us

  • A prompt acknowledgement of your report.
  • Regular updates as we investigate and remediate.
  • Credit for the discovery once the issue is resolved, if you'd like it.
  • Good-faith treatment: we won't pursue legal action against researchers who follow these guidelines.

For general security questions, see the Security Center or read our privacy policy.