TechTree Responsible Disclosure Policy

Data security ranks as a fundamental priority for TechTree, and TechTree maintains that collaboration with adept security researchers can reveal vulnerabilities in any technology. If you suspect you've encountered a security flaw in TechTree's service, please inform us; we will partner with you to address the issue expeditiously.

Disclosure Policy

  • If you believe you've uncovered a potential vulnerability, please notify us by sending an email to security@techtree.dev. We will confirm receipt of your email within five business days.
  • Allow us a reasonable timeframe to remedy the issue before revealing it to the public or any third party. We strive to resolve critical issues within one week of notification.
  • Undertake sincere efforts to prevent privacy infringements, data damage, or disruption or degradation of the TechTree service. Please restrict interactions to accounts you possess or for which you have received explicit authorization from the account owner.

Exclusions During your investigation

We ask that you avoid:

  • Distributed Denial of Service (DDoS)
  • Spamming
  • Social engineering or phishing of TechTree employees or contractors
  • Any attacks directed at TechTree's physical property or data centers

Thank you for assisting in the protection of TechTree and our users!

Changes

We may adjust these guidelines occasionally. The latest version of the guidelines will be viewable at www.TechTree.dev/disclosure.

Contact

TechTree consistently welcomes feedback, inquiries, and proposals. If you wish to reach out to us, please do not hesitate to email us at security@techtree.dev

Disciplinary Action

Employees who breach this policy may encounter disciplinary measures corresponding to their violation. TechTree management will evaluate the gravity of an employee's offense and implement the suitable action.

Responsibility

The Engineering team holds the responsibility for ensuring this policy is enforced.