Contact: mailto:security@noematic.io
Contact: https://noematic.io/contact
Expires: 2027-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://noematic.io/.well-known/security.txt
Policy: https://noematic.io/trust

# Noematic Security Disclosure
#
# We welcome reports from security researchers acting in good faith.
# Please email security@noematic.io with details, ideally including
# steps to reproduce, scope, and impact.
#
# We commit to:
#   - Acknowledging your report within one business day.
#   - Not pursuing legal action against good-faith researchers.
#   - Crediting your disclosure with your consent once resolved.
#
# Out of scope:
#   - Reports requiring physical access to a victim device.
#   - Volumetric DoS or DDoS reports without a clear vulnerability.
#   - Spam, phishing, or social-engineering of our staff or customers.