Responsible Disclosure Policy
At CyberInterviewPrep, we take the security of our platform and the data of our users seriously. We welcome the contribution of security researchers in helping us maintain a safe environment.
Our Commitment
At CyberInterviewPrep, we believe that security is a collaborative effort. If you believe you have found a security vulnerability in our platform, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem. We ask that you give us a reasonable amount of time to resolve the issue before making it public.
Rules of Engagement
The "Do's"
- •Report immediately: Notify us as soon as you discover a potential vulnerability.
- •Provide details: Include clear reproduction steps, screenshots, or proof-of-concept (PoC).
- •Test safely: Use your own accounts and avoid impacting other users' data or privacy.
- •Wait for us: Allow us a reasonable timeframe (typically 30-90 days) to fix the issue before disclosure.
The "Don'ts"
- •No DoS/DDoS: Do not attempt to degrade or disrupt our service availability.
- •No Social Engineering: Do not target our employees or users with phishing or other human-based attacks.
- •No Data Exfiltration: Do not download or access more data than necessary to prove the vulnerability.
- •No Extortion: Do not demand compensation or bug bounties as a condition for reporting.
★Hall of Fame
Recognizing the ethical hackers who help keep us safe.