Responsible Disclosure Policy
At Swift Centre, the security of our systems and data is a top priority. We value the security research community and recognize the important role that security researchers play in identifying vulnerabilities. If you believe you have found a security vulnerability in our systems, we encourage you to disclose it to us responsibly.
Reporting a Vulnerability
If you discover a vulnerability, please report it to us by sending your finding to info@swiftcentre.org. Provide as much information as possible, including:
Description of the vulnerability.
Steps to reproduce the issue.
Potential impact of the vulnerability.
Any proof of concept code or screenshots (if applicable).
Compliance: Follow the principles of responsible disclosure by giving us sufficient time to resolve the issue before publicly disclosing the vulnerability.
Our Commitment
We will acknowledge receipt of your report within two business days.
We will keep you informed of our progress as we work to resolve the issue.
We will not take legal action against you as long as you follow our guidelines.
We may publicly acknowledge your contribution, with your consent.
Rules of Engagement
Please avoid any activity that could damage or interrupt our systems, data, or services.
Do not attempt to access or modify data that doesn’t belong to you.
Do not use social engineering, phishing, or other non-technical attack methods.
Recognition and Rewards
If you responsibly disclose a valid security issue, we may offer a reward as a token of our appreciation. Rewards are determined based on the severity of the issue and are at our discretion. Public acknowledgment may also be offered on social media.
Thank you for helping us keep Swift Centre and our users safe!
Major Breach
In the event that there has been a major breach, we will notify the affected individuals within 72 hours of discovery. We will communicate the nature of the breach, the data that was exposed, and actions being taken.
Incident investigation
We have access to logs of web traffic, authentication and data API usage. Which can be used to investigate in the event of an incident.
Status
We communicate the status of our services on this page
https://swiftcentre.instatus.com/