At Corvic, security is our top priority. We appreciate and support the work of securityresearchers in helping us keep our platform safe for everyone. If you believe you’ve discovereda vulnerability in our systems, we encourage you to report it to us responsibly.
Scope
This policy applies to
*.corvic.ai (e.g., app.corvic.ai, api.corvic.ai)
Corvic's publicly available web applications and APIs
Out-of-scope areas
Denial of Service (DoS) attacks
Social engineering or phishing
Physical attacks
Guidelines
To help us triage and respond effectively, please:
Include a detailed description of the vulnerability
Provide steps to reproduce the issue
Avoid accessing or modifying any user data
Never attempt to disrupt service availability
How to Report
Please send reports to: security-reports@corvic.ai
Include:
Your contact information
A description of the issue
Proof of concept, if available
We will acknowledge receipt within 3 business days, and aim to provide updates on the statusof your report as we investigate.
Recognition
While we do not offer monetary rewards at this time, we appreciate responsible disclosure andmay offer public acknowledgment on our site for impactful, valid reports.
Thank You
We deeply value your efforts in making Corvic safer. Your responsible actions help protectthousands of users and organizations who rely on our platform.
