Skip to content

Responsible Disclosure

Report security issues through a coordinated disclosure process

We investigate security reports promptly and coordinate remediation and communication with reporters.

Email Security View Security

How to report

Email security@identrail.com with detailed findings and proof-of-concept steps
Include reproduction steps, affected components, and potential impact
Reference our security.txt policy at /.well-known/security.txt for reporting scope and expectations
Avoid public disclosure until coordinated remediation is completed

Response expectations

Initial acknowledgement within one business day
Triage and severity classification with engineering review
Status updates at least every three business days until remediation is complete
Coordinated disclosure timeline after remediation is validated