Security Reporting Policy
Guidelines for responsible disclosure of security vulnerabilities at LogChimp.
Introduction
At LogChimp, we take security very seriously and appreciate responsible disclosure of vulnerabilities that helps us improve the software. We believe that security is a fundamental right of every human being. We want to make sure that our customers' and their users' data is protected from any kind of security vulnerability.
Reporting Security Vulnerabilities
Potential security vulnerabilities can be reported directly to us at logchimp@codecarrot.net.
How We Handle Reports
The LogChimp Core Team works privately in a secured, isolated repository for tracking, testing, and resolving security-related issues.
Responsible Disclosure
To ensure a responsible and ethical reporting process, please adhere to the following:
- Do not publicly disclose vulnerabilities until our team has had a reasonable time to address them.
- Do not exploit the vulnerability beyond what is necessary to demonstrate the issue.
- Do not access, modify, or delete data that does not belong to you.
- Do not perform any activity that could disrupt the services of LogChimp, including but not limited to:
  - DDoS attacks
  - Brute force attacks
  - Spamming
  - Malware distribution
  - Virus distribution
  - Other malicious activity
- Do not use any third-party tools to disclose the vulnerability.
Thanks for helping make LogChimp safe for everyone 🙏.