Security commitment
We use reasonable administrative, technical, physical, and organizational safeguards designed to protect services, accounts, facilities, systems, and data.
Report channels
Security issues, suspected abuse, phishing, account compromise, exposed credentials, physical-facility concerns, missing equipment, unauthorized access, or vulnerability reports should be sent to legal-skyes@solenterprises.org with sufficient detail to investigate.
Responsible disclosure
Good-faith reports should avoid public disclosure until we have a reasonable opportunity to investigate and remediate. We do not guarantee bounty payments unless a written bounty program applies.
Customer duties
Customers must secure credentials, enforce least privilege, rotate compromised keys, monitor connected accounts, configure approvals, maintain backups, protect physical access to their own systems, and comply with their own security obligations.
Incident response
We may investigate, suspend accounts, revoke keys, preserve logs, preserve footage, notify providers, notify users, report to authorities, inspect assets, or take containment steps when security risk is detected.
Physical security
Company offices, server rooms, data rooms, AI infrastructure spaces, and critical operations suites may be appointment-only, video-monitored, access-controlled, logged, and subject to visitor, landlord, maintenance, and vendor entry restrictions. See the Critical Infrastructure Facilities and Physical Security Policy for the current public posture.
Contact and legal notices
Questions, legal notices, privacy requests, intellectual-property notices, and support requests may be sent to legal-skyes@solenterprises.org. Include the applicable service, account, order, URL, content, and facts needed to investigate.