At emproof, we take the security of our products, services, and infrastructure seriously. We welcome and appreciate responsible security research conducted by the security community. If you believe you have found a security vulnerability, we encourage you to report it to us responsibly.
Scope
This policy applies to all emproof products, services, and web properties, including:
- emproof.com and its subdomains
- Nyx product family (Nyx Microcontroller, Nyx Systems, Nyx Python)
- emproof APIs and integrations
Reporting a Vulnerability
Please report security vulnerabilities via email to:
security@emproof.com
In your report, please include:
- A description of the vulnerability and its potential impact
- Steps to reproduce the issue
- Any proof-of-concept code or screenshots
- Your name and contact information (if you wish to be credited)
Our Commitment
- We will acknowledge receipt of your report within 3 business days
- We will provide an initial assessment within 10 business days
- We will keep you informed about the progress of the fix
- We will credit you (if desired) once the vulnerability is resolved
- We will not take legal action against researchers who comply with this policy
Guidelines
We ask that you:
- Do not access, modify, or delete data belonging to other users
- Do not perform denial-of-service attacks
- Do not perform social engineering against emproof employees
- Allow reasonable time for us to fix the issue before public disclosure
- Act in good faith and avoid privacy violations
