Vulnerability Disclosure Policy – Airportr Technologies
At Airportr, the security of our systems and the privacy of our customers are our highest priorities. We welcome and value the contributions of the security community in helping us maintain a safe and trusted service.
This policy explains how to responsibly report potential security issues you may find in our systems.
Reporting a Security Vulnerability
If you believe you have discovered a security vulnerability in any Airportr system, service, or application, please contact us at:
Email: security@portr.com
When submitting a report, please include as much detail as possible to help us investigate quickly, such as:
- A detailed description of the vulnerability.
- Steps to reproduce the issue (proof of concept if available).
- Any potential impact you believe the vulnerability may have.
- Your contact details (if you’d like us to update you on progress).
Our Commitment to You
- We will acknowledge receipt of your report within 3 business days.
- We will investigate and provide a status update within 10 business days.
- We will keep you informed as we work to resolve the issue.
- We will not take legal action against good-faith researchers who follow this policy.
- With your permission, we may publicly acknowledge your contribution once the issue is resolved.
Guidelines for Responsible Disclosure
To protect our customers and systems, we ask that you:
- Avoid accessing, modifying, or deleting data that does not belong to you.
- Avoid actions that could degrade or disrupt our services.
- Allow us reasonable time to investigate and remediate before publicly disclosing any information about the vulnerability.
Failure to follow these guidelines may be considered outside the scope of responsible research.
Recognition
We value the efforts of security researchers and, with permission, will acknowledge verified, impactful reports.
Future Bug Bounty Program
Airportr is currently evaluating a formal bug bounty program. While we do not provide monetary rewards today, we are open to discussing recognition or potential future collaboration with security researchers who help us protect our systems.