# Omega Blue Solutions - Security Disclosure Policy # # Thank you for helping keep Omega Blue Solutions and our customers secure. # We take security seriously and appreciate your responsible disclosure. # # IMPORTANT: This policy applies ONLY to the public-facing website at # omegabluesolutions.com. Do NOT test or report issues related to any # government systems, classified networks, or customer deployments. # # What we're looking for: # - Vulnerabilities in our public website and web applications # - Security issues that could affect our customers or their data # - Authentication, authorization, or session management flaws # - XSS, CSRF, injection vulnerabilities, or similar web application issues # # Please provide: # - Clear description of the vulnerability and its potential impact # - Steps to reproduce (proof of concept preferred over exploitation) # - Your recommended remediation if you have suggestions # # Our commitment: # - We'll acknowledge receipt within 48 hours (business days) # - We'll provide regular updates on remediation progress # - We'll credit researchers in our acknowledgments page (unless you prefer # to remain anonymous) # # Please note: # - We do not offer monetary bug bounties at this time # - We do publicly acknowledge security researchers who help us # - We ask for 48 hours to respond before any public disclosure # - We will not pursue legal action against researchers who follow this # responsible disclosure process # # Out of scope: # - Social engineering attacks against our employees # - Physical security testing of our facilities # - Denial of service attacks # - Spam or brute force attacks # - Issues in third-party services we don't control Contact: mailto:security@omegabluesolutions.com Contact: tel:+1-833-627-1776 Expires: 2025-12-31T23:59:59.000Z Preferred-Languages: en Canonical: https://omegabluesolutions.com/.well-known/security.txt Policy: https://omegabluesolutions.com/security Acknowledgments: https://omegabluesolutions.com/security/acknowledgments # PGP Key: Currently not available - please use email contact above # Encryption: mailto:security@omegabluesolutions.com # We're a veteran-owned small business serving federal agencies. # Your responsible disclosure helps us protect not just our business, # but the missions we support. Thank you for being part of our security team.