Responsible Vulnerability Disclosure

We appreciate coordinated reports from security researchers.

Please do:

  • Email security@nightshield.ai (PGP key on /security).
  • Provide steps to reproduce, affected URLs/IPs, impact, and any PoC.
  • Give us reasonable time to remediate before public disclosure.

Please don't:

  • Access customer data, modify or delete data, or disrupt service.
  • Perform DDoS, spam, social engineering, or physical attacks.
  • Use automated scanners against production at high rates.

Out of scope (examples):

  • SPF/DKIM/DMARC record suggestions.
  • Missing security headers that don't lead to exploit.
  • Clickjacking on non-sensitive pages.
  • Weak password policy without exploit.
  • Rate-limiting noise.

Our commitment:

  • Acknowledgement: within 3 business days.
  • Status updates: every 10 business days until resolved.
  • Credit: (optional) with your consent on a Hall of Thanks.
  • No bounty at this time.

Legal safe harbour:

If you follow this policy in good faith, we won't pursue legal action for your research.

Last updated: [DD MMM YYYY]