Vulnerability Disclosure Policy
Our security disclosure policy for the research community.
Our Current Stance on Bug Bounty & Disclosure Programs
At Indusface, we're on a mission to secure web, APIs and AI applications at scale through AppTrana, our autonomous application security platform.
While we are deeply committed to security and openness with the broader research community, we do not currently maintain a formal bug bounty program or structured vulnerability disclosure program. Our focus right now is on building the most reliable application security platform and on responsibly evolving how vulnerabilities are found and communicated.
That said, we greatly value the contributions of security researchers, ethical hackers, and anyone who takes the time to identify issues. Your insights help make the digital world safer for everyone.
How to Share Security Findings With Us
If you believe you've found a security vulnerability or an issue that warrants our attention, please contact our Security Team.
How to Report
Send an email to support@indusface.com with as much detail as you can provide, including steps to reproduce, impact, and any supporting evidence.
We commit to reviewing every submission thoughtfully, and we'll work with you in good faith to understand and address the issue. While we don't offer monetary rewards today, we're genuinely grateful for community contributions and will acknowledge collaborators where appropriate.
Found a vulnerability?
We want to hear from you.
Reach out to our security team and we'll work with you in good faith.