Found something? We want to hear it.
We’re a security company. Holding ourselves to the standard we ask of others means making it easy and safe to report a flaw.
How to report
Email security@antrixis.com with enough detail to reproduce the issue — affected endpoint or component, steps, and impact. Encrypted reports are welcome; request our PGP key in your first message.
Our commitment to you
- We acknowledge new reports within two business days.
- We’ll keep you updated as we triage, validate, and remediate.
- We won’t pursue legal action for good-faith research under this policy.
- With your permission, we’ll credit you once a fix has shipped.
Safe harbor
Research conducted in line with this policy is considered authorized. We will not initiate or support legal action against researchers for accidental, good-faith violations. If in doubt about whether an action is permitted, ask us first.
Please do
- Test only against accounts and assets you own or are explicitly permitted to.
- Give us reasonable time to remediate before any public disclosure.
- Stop and report immediately if you encounter customer data.
Please don’t
- Access, modify, or exfiltrate data that isn’t yours.
- Degrade service — no denial-of-service, spam, or social engineering.
- Disclose the issue publicly before we’ve had a chance to fix it.
Scope
Our production application and public marketing site are in scope. Third-party services we rely on are governed by their own programs. When in doubt, email us and we’ll clarify.
Reporting something time-sensitive?
Email security@antrixis.com directly — it routes straight to our security team.