Version 1.0
Kigen takes security issues extremely seriously and welcomes feedback from security researchers to improve the security of its services. We operate a policy of coordinated disclosure to address reports of security vulnerabilities and issues.
To report a suspected security issue privately to us, please send an email to [email protected], giving as much detail as you can.
We will respond to you as soon as possible. If the suspected security issue is confirmed, we will then come back to you with an estimate of how long the issue will take to fix. Once the fix is available, we will notify you and recognize your efforts on this page.
Whilst we encourage the investigation of potential security vulnerabilities, we cannot condone any activities that might interfere with legitimate users, which might contravene applicable computer/device misuse and data protection legislation, or violate any local legislation or regulations and third-party rights, including confidentiality and data privacy.
For that reason, the following activities are prohibited:
Kigen recommends that all vulnerability disclosure submissions be encrypted, but the use of encryption is at the discretion of the finder. To submit documents or other attachments and obtain PGP details, please contact [email protected]
Wherever possible, we aim to work with reporters to coordinate the public disclosure of an issue and, upon request, will acknowledge the reporter of a vulnerability in our public security bulletins.
Credit to the people who have helped make our services more secure by making a coordinated disclosure with us will appear below.