Vulnerability Disclosure Policy
We welcome responsible security research.
Dainin AI values the security community and encourages responsible disclosure of vulnerabilities. If you have discovered a security issue, we want to hear from you.
Reporting a Vulnerability
If you believe you have found a security vulnerability in any Dainin AI service, please submit a report to security@dainin.ai. Include the following information to help us investigate effectively.
Description
A clear and detailed description of the vulnerability, including the affected component or endpoint.
Steps to Reproduce
Step-by-step instructions that allow our team to reliably reproduce the issue.
Potential Impact
Your assessment of the severity and potential impact of the vulnerability if exploited.
Screenshots & Logs
Any supporting evidence such as screenshots, log output, or proof-of-concept code.
Responsible Disclosure Guidelines
To ensure the safety of all parties, we ask that security researchers follow these guidelines when investigating and reporting vulnerabilities.
1. Avoid accessing or modifying data belonging to other users or accounts.
2. Avoid actions that could disrupt services or degrade the experience for other users.
3. Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue.
4. Allow a reasonable timeframe for investigation and remediation before any public disclosure.
Our Commitment
When you report a vulnerability to us, we commit to the following process.
Acknowledge Receipt
We will acknowledge your report promptly and provide a point of contact for ongoing communication.
Investigate
Our security team will investigate the reported issue and assess its impact and severity.
Remediate
We will work to resolve confirmed vulnerabilities in a timely manner based on severity.
Communicate
We will keep you informed of our progress and notify you when the issue has been resolved.
Scope
This policy applies to all Dainin AI services, platforms, and infrastructure. If you discover a vulnerability in a third-party service or component used by Dainin AI, we will coordinate responsible disclosure with the relevant provider.
Safe Harbor
Dainin AI will not pursue legal action against security researchers who discover and report vulnerabilities in good faith, in accordance with this policy. We consider responsible security research conducted consistent with these guidelines to be authorised activity and will not initiate legal proceedings against researchers who comply with this policy.