Merge pull request #27 from storacha/heyjay44-patch-4

chore: create security-research-policy.md
storacha · Jan 8, 2025 · df33b0f · df33b0f
2 parents 36a1015 + 74fc35a
commit df33b0f
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/src/pages/security-research-policy.md b/src/pages/security-research-policy.md
@@ -0,0 +1,21 @@
+# Storacha Security Research Policy
+
+## Overview
+Our security research program is private and invitation-only. We do not accept unsolicited vulnerability reports or offer rewards for unrequested security research. 
+
+## Important Notice
+- All security testing must be pre-authorized in writing
+- Unauthorized security testing is prohibited
+- We do not provide bug bounties or rewards for unsolicited findings
+- Unauthorized testing may violate our Terms of Service and applicable laws
+
+## Reporting Security Issues
+1. Do not conduct any further testing
+2. Do not exploit the vulnerability
+3. Contact [email protected]
+4. Wait for explicit written authorization before any further action
+
+## Legal Notice
+Any unauthorized security testing, vulnerability scanning, or penetration testing of our systems is strictly prohibited and may result in legal action. We reserve all rights to pursue appropriate remedies against unauthorized security testing.
+
+Contact: [email protected]