# Numen Technology Security Contact
#
# RFC 9116 Compliant Security.txt
# This file provides standardised vulnerability disclosure information.
#
# We welcome responsible security research and coordinated disclosure.

Contact: mailto:security@numentechnology.co.uk
Expires: 2026-11-01T00:19:17.016Z
Preferred-Languages: en
Canonical: https://www.numentechnology.co.uk/.well-known/security.txt
Policy: https://www.numentechnology.co.uk/security-policy

# Vulnerability Reporting Guidelines
#
# Please include in your report:
# - Vulnerability type and description
# - Affected URLs or components
# - Steps to reproduce
# - Potential impact assessment
# - Proof-of-concept (if applicable)
#
# Our Response Timeline:
# - Initial response: Within 24 hours (UK working days)
# - Acknowledgement: Within 48 hours with case reference
# - Regular updates: Every 7 days until resolution
# - Disclosure: Coordinated 90-day disclosure window
#
# Safe Harbour & Legal Protection:
# We will not pursue legal action (including Computer Misuse Act 1990 claims)
# against security researchers who:
# - Make a good-faith effort to avoid privacy violations and service disruption
# - Only test accounts they own or have explicit authorisation to test
# - Do not exploit vulnerabilities beyond minimum necessary to demonstrate existence
# - Do not intentionally access, modify, or delete data belonging to others
# - Follow coordinated disclosure principles and allow reasonable remediation time
#
# For full details, see our security policy at https://www.numentechnology.co.uk/security-policy