Responsible Disclosure Form

Introduction:

Thank you for helping us maintain the security and integrity of our systems at BrightMove, Inc. We appreciate your assistance in identifying and disclosing potential vulnerabilities. This Responsible Disclosure Form is designed to establish clear guidelines for ethical hacking and reporting security issues.

Guidelines for Responsible Disclosure:

1. Scope:

Focus on the security of our web applications, network, and data.

Report only genuine vulnerabilities related to BrightMove, Inc.

2. Eligibility:

Open to security researchers, customers, and users concerned about our platform's security.

3. Authorized Testing:

Limit testing to the scope mentioned above.

Do not engage in any activity that could harm the availability or integrity of our services.

4. Report Format:

Clearly describe the discovered vulnerability.

Include steps to reproduce the issue.

Provide a Proof of Concept (PoC) if possible.

5. Confidentiality:

Keep all information about the vulnerabilities confidential until they are resolved.

Do not disclose vulnerabilities publicly without our explicit consent.

6. Legal Considerations:

BrightMove, Inc. commits to not pursue legal action against researchers acting in good faith.

We appreciate responsible disclosure and will reciprocate by handling the matter diligently.

How to Submit a Report:

Email your findings to support@brightmove.com.

Use "Security Vulnerability - Responsible Disclosure" as the subject.

Provide your contact details for further communication.

Response and Resolution:

We will acknowledge receipt of your report within 2 business days.

Our security team will investigate and prioritize the reported issue.

We aim to provide a resolution or workaround within a reasonable timeframe.

Once resolved, we encourage public acknowledgment with your consent.

Rewards:

- BrightMove, Inc. may offer recognition for responsible disclosures, subject to evaluation.

- Monetary rewards are not currently provided due to our small business scale.

Disclaimer:

BrightMove, Inc. reserves the right to update these guidelines. By participating in responsible disclosure, you agree to adhere to the guidelines outlined above.

Thank you for your commitment to the security of BrightMove, Inc.