Back to home
Security
Security & Responsible Disclosure
We take security seriously, even at the private beta stage.
Report a vulnerability
Email a clear description of the issue, steps to reproduce, and any supporting proof-of-concept to:
security@echelongraph.ioWhat to include in your report
- A clear description of the vulnerability and its potential impact.
- Step-by-step reproduction instructions.
- Screenshots, logs, or a minimal proof-of-concept (if applicable).
- Your preferred contact method for follow-up questions.
Our commitment to you
Acknowledge
We will confirm receipt of your report within 72 hours.
Investigate
We will keep you updated as we investigate and work on a fix.
Credit
We will credit you by name (with your permission) once a fix is deployed.
Scope
This disclosure policy applies to the EchelonGraph marketing website and any private beta environments shared with design partners. It does not cover third-party services we link to.
Out of scope
- Denial of service attacks.
- Social engineering or phishing against our team.
- Issues requiring physical access to our infrastructure.
Safe harbour
We will not pursue legal action against researchers who act in good faith, adhere to this policy, and avoid privacy violations, service disruption, or data destruction.