Skip to content

Security: mondoohq/cnspec

Security

SECURITY.md

Security Policies

Reporting a Vulnerability

Mondoo values responsible disclosure to protect the security and privacy of all our users. We actively encourage respectful and non-disruptive testing and reporting of detected vulnerabilities, within the following guidelines:

  • DO submit reports as soon as you are aware of an issue
  • DO allow time to assess and respond to the submission
  • DO respect the availability, confidentiality and privacy of our services, users and any 3rd party systems
  • DO NOT attack or otherwise interfere with any account you are not the owner of
  • DO NOT violate any applicable laws or regulations
  • DO NOT disclose issues publicly before we've had time to assess and respond appropriately

Please submit individual reports to security@mondoo.com including a full description of the finding, how to reproduce the behavior and any supporting information. Applicable submissions will be directed to our Bug Bounty Program.

There aren’t any published security advisories