Contact: mailto:security@betmarino.com
Contact: https://nuestramirada.org/security-contact
Expires: 2025-12-31T23:59:00.000Z
Encryption: https://nuestramirada.org/pgp-key.txt
Acknowledgments: https://nuestramirada.org/security-acknowledgments
Preferred-Languages: tr, en
Canonical: https://nuestramirada.org/.well-known/security.txt
Policy: https://nuestramirada.org/security-policy

# Betmarino Security Information

# If you discover a security vulnerability, please contact us at:
# security@betmarino.com

# Please include the following information:
# - Type of issue
# - Full paths of source file(s) related to the manifestation of the issue
# - Location of the affected source code (tag/branch/commit or direct URL)
# - Step-by-step instructions to reproduce the issue
# - Proof-of-concept or exploit code (if possible)
# - Impact of the issue, including how an attacker might exploit the issue

# Security Measures:
# - SSL/TLS encryption
# - CSRF protection
# - XSS protection
# - Input validation
# - Regular security audits
# - Secure headers implementation

# Responsible Disclosure:
# We appreciate responsible disclosure of security vulnerabilities.
# We will respond to security reports within 24-48 hours.

# Bug Bounty Program:
# Currently, we do not have a formal bug bounty program.
# However, we appreciate security researchers' efforts.

# Scope:
# This security policy applies to:
# - nuestramirada.org (primary domain)
# - All subdomains of nuestramirada.org

# Out of Scope:
# - Social engineering attacks
# - Physical attacks against our offices or data centers
# - DoS/DDoS attacks

# Legal:
# We will not pursue legal action against security researchers
# who follow responsible disclosure practices.

# Last Updated: 2025-01-15