Kategorie Blog Trip Raporty Redukcja Szkód Nasza Misja Kontakt

Security Policy

Security Policy

The security of the poznajfaze.pl service is our highest priority. We encourage security researchers to discover and report security vulnerabilities to us so we can fix them quickly. We value the community's contributions to keeping our platform secure.

Introduction

This policy outlines which systems and types of research are covered under this program, how to submit vulnerability reports to us, and what you can expect in response to a reported vulnerability.

Scope

This policy applies exclusively to the service available under the following domain:

  • poznajfaze.pl

Any other services, subdomains, or related services are currently out of scope for this policy.

How to Report a Vulnerability

Please direct all security reports to our dedicated email address:

security@poznajfaze.pl

To help us effectively analyze your report, please include as much information as possible, including:

  • The type of vulnerability found (e.g., XSS, CSRF, SQL Injection).
  • A detailed description of the steps needed to reproduce the issue (including URLs, screenshots, PoC scripts).
  • The potential impact of the vulnerability on the security of the service and user data.

We encourage you to use our PGP key to encrypt sensitive information.

The public key is available at: https://poznajfaze.pl/pgp-key.txt.

Our Commitment ("Safe Harbor")

We are committed to not taking legal action against individuals who report security vulnerabilities, provided they adhere to the following guidelines:

  • You act in good faith with the aim of improving security.
  • You do not violate the privacy of other users, destroy, or modify data you do not own.
  • You do not disrupt our services (e.g., through Denial of Service attacks).
  • You give us a reasonable amount of time to fix the vulnerability after reporting it before making any information public.

What to Expect

After receiving your report, we are committed to:

  • Acknowledging receipt of your report within 3 business days.
  • Maintaining open communication and keeping you informed of our progress in analyzing and fixing the issue.
  • Notifying you when the vulnerability has been fixed.

Thank you for helping keep poznajfaze.pl secure!

Wróć na stronę główną