Loading...

Responsible Disclosure

At Alembic Technologies, the security of our systems, products, and users is a top priority. We are committed to maintaining a secure environment and appreciate the efforts of security researchers and members of the community who help us identify potential vulnerabilities.

If you believe you’ve discovered a security vulnerability in any of our products, services, or infrastructure, we encourage you to report it to us responsibly. This policy outlines our commitment to security and provides guidelines for submitting vulnerability reports.

Table of contents

1. Reporting a Vulnerability

If you have discovered a potential security issue, please email us at security@getalembic.com with the following details:

  • A clear description of the vulnerability
  • The affected product, service, or system
  • Steps to reproduce the issue, including any screenshots
  • Your contact information (optional, should you wish to receive follow-up)

We ask that you:

  • Avoid accessing, modifying, or deleting data that does not belong to you
  • Do not perform actions that may degrade our service or impact other users
  • Give us a reasonable amount of time to investigate and remediate the issue before disclosing it publicly

2. Our Commitment

Upon receiving your report, Alembic Technologies commits to:

  • Acknowledging your submission within 5 business days
  • Investigating and validating the reported vulnerability
  • Keeping you informed of our progress and any remediation timelines (if you’ve provided contact details)
  • Crediting you for your responsible disclosure if we resolve the issue and you would like recognition

3. Safe Harbor

We will not pursue legal action against individuals who:

  • Engage in good faith, consistent with this policy
  • Report vulnerabilities through our designated reporting channels
  • Avoid harming Alembic or its users, and respect privacy and data security


Any activities conducted in a manner consistent with this policy will be considered authorized conduct, and we will work with you to ensure that any interactions are constructive and mutually beneficial.

4. Scope

This policy applies to vulnerabilities in:

  • Alembic’s publicly accessible services and APIs
  • Alembic’s client applications and web properties

If you’re unsure whether a system is in scope, please contact us at security@getalembic.com before engaging in testing.

Thank you for helping keep Alembic Technologies secure.

Alembic Technologies reserves the right to update this policy at any time.