Book a Meeting
Contact Information

Benoni South Africa
87 Kei Rd
Farrarmere
1501

Give us a call. We would love to discuss your project.

087 265 9489

Find us here

Vulnerability Disclosure

Evolvea is committed to maintaining the security of our systems and protecting our users' data. We value the contributions of security researchers who help us identify and address vulnerabilities. This policy outlines our expectations for responsible vulnerability disclosure.

1. Scope

This policy applies to any digital assets owned, operated, or maintained by Evolvea, including but not limited to our websites, applications, APIs, and network infrastructure. We encourage security researchers to test our systems responsibly, with the goal of improving our overall security posture.

2. Reporting a Vulnerability

If you discover a potential security vulnerability, please report it to us by emailing [email protected] . When reporting, please include:

  • A detailed description of the vulnerability
  • Steps to reproduce the issue
  • The potential impact of the vulnerability
  • Any proof-of-concept code or screenshots
  • Your contact information for follow-up

3. Our Commitment

When you report a vulnerability to us, we commit to:

  • Acknowledging receipt of your report within 5 business days
  • Providing regular updates on our progress in addressing the vulnerability
  • Working with you to understand and validate the issue
  • Notifying you when the vulnerability has been resolved
  • Recognizing your contribution (with your permission) in our security acknowledgments

4. Safe Harbor

Evolvea will not pursue legal action against security researchers who discover and report vulnerabilities in good faith, in accordance with this policy. We consider security research conducted in compliance with this policy to be authorized and will not initiate legal action against you for circumventing technology measures we employ to protect our applications, provided you do not exceed your authorization.

5. Guidelines for Researchers

To ensure responsible disclosure, we ask that you:

  • Do not access, modify, or delete data belonging to others
  • Do not perform attacks that could harm the availability of our services (such as denial of service)
  • Do not engage in social engineering or phishing of our employees or customers
  • Do not disclose the vulnerability publicly until we have had a reasonable opportunity to address it
  • Act in good faith and make a genuine effort to avoid privacy violations and disruptions

6. Out of Scope

The following vulnerability types are generally considered out of scope:

  • Vulnerabilities in third-party applications or services
  • Issues related to outdated browsers or platforms
  • Physical security issues
  • Denial of service attacks
  • Spam, social engineering, or phishing attacks

7. Contact Information

For security-related inquiries, please contact us at [email protected] . For general inquiries, please use our standard contact channels.