Responsible Disclosure
This Responsible Disclosure policy outlines our approach to handling vulnerability reports and the conditions we expect cybersecurity researchers to adhere to when identifying or reporting security issues or vulnerabilities.
Lethal Forensics investigates all reports of security vulnerabilities affecting Lethal Forensics’ systems (e.g. web presence, email infrastructure or any software projects published through our corporate GitHub account at https://github.com/lethal-forensics). If you are a cybersecurity researcher and believe you have found a security vulnerability, please send an email to us at Lethal Responsible Disclosure.
Reporting Process
Please notify us as soon as possible after you have discovered a real or potential security issue.
We prefer all communications to be in English or German.
We support OpenPGP-encrypted emails for particularly sensitive information. You can find our public key on our official website.
Please give us a detailed description of the security issue (including validation steps, recommended fix, and assumed impact).
Please allow us a reasonable amount of time to fix the security issue before making any information public.
Please avoid data deletion, unauthorized data access, and service disruption while testing the vulnerability you found.
Please be aware that there is no bug bounty program in place where you can expect a reward for your report. Kindly refrain from requesting such compensation.
Our Commitment
We will confirm receipt of your report within three business days.
We will give you an estimate of how long the fix will take.
We will handle your report with confidentiality and not pass on your personal details to third parties.
We will try to keep you informed of the progress towards resolving the problem.
If your vulnerability report is valid and you would like to be recognized for your contribution, we will gladly add you to our public “Hall of Fame” list, by name or anonymously. We will only add you to this list if you explicitly request it.
If you have any questions regarding this policy, please contact us at security@lethal-forensics.com. We also invite you to contact us with suggestions for improving this policy.
Thank you for helping us keep our systems secure!