Responsible Disclosure Policy


At Swift Centre, the security of our systems and data is a top priority. We value the security research community and recognize the important role that security researchers play in identifying vulnerabilities. If you believe you have found a security vulnerability in our systems, we encourage you to disclose it to us responsibly.


Reporting a Vulnerability

If you discover a vulnerability, please report it to us by sending your finding to info@swiftcentre.org. Provide as much information as possible, including:

  • Description of the vulnerability.

  • Steps to reproduce the issue.

  • Potential impact of the vulnerability.

  • Any proof of concept code or screenshots (if applicable).


Compliance: Follow the principles of responsible disclosure by giving us sufficient time to resolve the issue before publicly disclosing the vulnerability.

Our Commitment

We will acknowledge receipt of your report within two business days.

We will keep you informed of our progress as we work to resolve the issue.

We will not take legal action against you as long as you follow our guidelines.

We may publicly acknowledge your contribution, with your consent.

Rules of Engagement

Please avoid any activity that could damage or interrupt our systems, data, or services.
Do not attempt to access or modify data that doesn’t belong to you.
Do not use social engineering, phishing, or other non-technical attack methods.

Recognition and Rewards

If you responsibly disclose a valid security issue, we may offer a reward as a token of our appreciation. Rewards are determined based on the severity of the issue and are at our discretion. Public acknowledgment may also be offered on social media.

Thank you for helping us keep Swift Centre and our users safe!

Major Breach

In the event that there has been a major breach, we will notify the affected individuals within 72 hours of discovery. We will communicate the nature of the breach, the data that was exposed, and actions being taken.

Incident investigation

We have access to logs of web traffic, authentication and data API usage. Which can be used to investigate in the event of an incident.

Status

We communicate the status of our services on this page
https://swiftcentre.instatus.com/