sebastianramos.cl Security Policy

Introduction

Welcome to sebastianramos.cl's Security Policy. This document outlines our commitment to security, how we handle vulnerability disclosures, and what researchers can expect when engaging with us.

Scope of the Policy

This policy applies to all public-facing services and products hosted under the domain sebastianramos.cl, including but not limited to our web applications, APIs, and third-party integrations.

Reporting Vulnerabilities

• Contact Us: Email security reports to security@sebastianramos.cl.
• Include: A detailed description, steps to reproduce the vulnerability, affected versions, and any PoC (Proof of Concept).
• Template: We encourage using the OWASP vulnerability disclosure template for clarity.

Disclosure Policy

• We ask for a 90-day period before public disclosure to allow us time to fix the issue.
• We will acknowledge receipt within 48 hours and provide an estimated timeline for resolution.
• We will keep you updated on the progress of fixing the vulnerability.
• If you wish to be credited publicly, please let us know in your initial report.

Safe Harbor

Any security researcher who complies with this policy during their research will not be subject to legal action by sebastianramos.cl for actions taken in accordance with this policy.

Out of Scope

The following types of vulnerabilities or actions are not covered by this policy:

• Social engineering attempts against our employees.
• Physical testing of our facilities or equipment.
• Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks.
• Any testing on third-party applications or services not under our direct control.

Rewards

While we don't have a formal bug bounty program, we appreciate all vulnerability reports and will consider recognizing significant contributions.

Conclusion

We appreciate the efforts of security researchers in making the internet safer. Thank you for your contribution to our security.