TegmenSoft supports the responsible sharing of security vulnerabilities discovered in its products. We offer coordinated disclosure processes and safe harbor assurances to researchers.
Scope
The TegmenSoft SDK, our website, and our cloud management panel are in scope. Third-party services and customer customizations are out of scope.
Reporting Channel
Please send your findings GPG-encrypted to security@tegmensoft.com. We share our PGP key upon request.
SLA
Initial response within 48 hours, resolution plan within 5 business days, patch for critical vulnerabilities within 30 days.
Safe Harbor
We will not initiate legal proceedings for good-faith research conducted in accordance with this policy, and we support responsible disclosure.