Responsible Disclosure

At Dozuki, we take the security of our platform seriously. We strive to create a safe and reliable environment for our customers and their data. In our ongoing efforts to maintain the highest security standards, we encourage responsible disclosure of security vulnerabilities discovered within our products and services.

This Responsible Disclosure Policy outlines the process for reporting security vulnerabilities, our commitment to addressing these issues, and our pledge to acknowledge and protect the security researchers who work with us to keep our platform secure.

If you believe you have discovered a security vulnerability in our platform, we request that you follow these guidelines:

1. Contact us: Please report the vulnerability via email to security@dozuki.com. Include a detailed description of the vulnerability, steps to reproduce it, and any supporting material (e.g., screenshots, logs, or scripts).
2. Responsible disclosure: Do not publicly disclose the vulnerability before we have had a reasonable amount of time to address it. This will help ensure that our clients remain secure and protected.
3. Good faith: Act in good faith and avoid causing any harm to Dozuki, our clients, or users. Do not exploit the vulnerability beyond what is necessary to demonstrate its existence.
4. No automated testing: Please refrain from using automated vulnerability scanning tools, as they may cause unintentional harm or disruption to our services.

Upon receiving your vulnerability report, Dozuki is committed to the following:

1. Acknowledgment: We will acknowledge receipt of your report within 48 hours.
2. Investigation: We will investigate and validate the reported vulnerability promptly. We may reach out to you for further clarification or assistance, if necessary.
3. Resolution: We will prioritize and resolve the confirmed vulnerability in a timely manner, based on its severity and potential impact on our clients.
4. Communication: We will keep you informed about the progress of our investigation and the resolution of the vulnerability.

Dozuki is committed to protecting the security researchers who responsibly disclose vulnerabilities in our platform. We will not pursue legal action against individuals who adhere to this policy and report security vulnerabilities in good faith.

However, we reserve the right to take legal action against those who engage in malicious activities or violate applicable laws.

If you have any questions or feedback regarding this Responsible Disclosure Policy, please contact us at security@dozuki.com.

Thank you for your support in keeping Dozuki and our clients secure.