How to contact Neocrym about a security issue
If you have discovered a security issue pertaining to software that Neocrym has written or deployed, we ask that you contact us by sending an email to firstname.lastname@example.org.
If you want to contact us using end-to-end encryption, you can send an email to email@example.com.
How NOT to disclose a security issue
Please do not publicly disclose security issues pertaining to Neocrym's technology or infrastructure before you have emailed us and received a response.
Legal issues involved with discovering and reporting vulnerabilities
Neocrym's security program
Neocrym does not have a currently-active bug bounty for security issues. We currently do not guarantee payment for independent researchers that discover issues before contacting us first.
Some infrastructure that we rely upon actually belongs to our vendors. In such cases, you would be bound by their security policies in addition to ours. Please contact us if you have any confusion about this matter.
We do not permit you to run automated security scanners or tools that harm the quality or availability of the services that Neocrym offers. If you would like to use such tools against our infrastructure, please contact us first.
If you are interested in doing security work for Neocrym, feel free to contact us beforehand.