While this repository primarily contains code samples to demonstrate the features and functionality of the Security Center SDK, we understand that developers may integrate these samples into production environments. If you discover a security vulnerability related to the use of our code samples or the Security Center SDK, we encourage responsible disclosure.
- Please avoid creating a public GitHub issue to report the vulnerability.
- Instead, email us at [email protected] with the following information:
- Steps to reproduce the issue.
- Any code modifications or configurations applied.
- Potential impact in production environments.
- Additional relevant information (e.g., SDK version, environment).
- Allow us sufficient time to address the issue before disclosing it publicly or sharing with third parties.
- Acknowledgment: We will confirm receipt of your vulnerability report within 3 business days.
- Evaluation: We will assess the issue and provide an estimated timeline for a fix, prioritizing based on severity.
- Resolution: We will notify you when the issue has been resolved and provide a summary of the changes made.
For issues related to the Security Center SDK or code samples that might be used in production, we encourage security researchers to participate in our bug bounty program. For more information, including scope and rewards, please visit:
Your contributions help us ensure that our SDK and the associated code samples are secure for all users. Thank you for your support!