Security Disclosure
Last Updated: March 2, 2026
Conscherry welcomes responsible vulnerability disclosures and is committed to improving the security of the Service.
1. Security Program Overview
Our security controls include, where applicable:
- authenticated session management,
- CSRF protections,
- abuse prevention and rate limiting,
- security logging and monitoring,
- least-privilege access controls,
- encryption in transit.
No system is perfectly secure, and continuous improvement is part of Our security program.
2. Reporting a Vulnerability
Please send reports to contact@conscherry.com with subject line "Security Report".
To help with triage, include:
- a clear description of the issue,
- reproduction steps,
- affected pages/endpoints,
- observed and potential impact,
- proof-of-concept details necessary for safe validation.
3. Good-Faith Testing Requirements
When researching security issues, You must not:
- access, alter, or delete data that is not Yours,
- intentionally disrupt service availability,
- use social engineering, phishing, or physical intrusion,
- publicly disclose vulnerabilities before We have a reasonable opportunity to investigate and remediate.
4. Our Response Process
For valid reports, We aim to:
- acknowledge receipt,
- assess severity and impact,
- prioritize remediation based on risk,
- provide status updates where appropriate.
5. Safe Harbor Intent
For good-faith research conducted in accordance with this policy and applicable law, We do not intend to pursue legal action solely because of such reporting activity.
This statement does not grant permission for unlawful activity or testing that causes harm.
6. Contact Us
- Security and support: contact@conscherry.com