Security, Vulnerability, and Abuse Reporting Policy — Skyes Over London / SOL Enterprises

Security commitment

We use reasonable administrative, technical, and organizational safeguards designed to protect services, accounts, and data.

Report channels

Security issues, suspected abuse, phishing, account compromise, exposed credentials, or vulnerability reports should be sent to grayskyes@solenterprises.org with sufficient detail to investigate.

No unauthorized testing

Do not perform destructive testing, denial-of-service, social engineering, spam, phishing, credential attacks, data exfiltration, persistence, lateral movement, or access to accounts or data you do not own.

Responsible disclosure

Good-faith reports should avoid public disclosure until we have a reasonable opportunity to investigate and remediate. We do not guarantee bounty payments unless a written bounty program applies.

Customer duties

Customers must secure credentials, enforce least privilege, rotate compromised keys, monitor connected accounts, configure approvals, maintain backups, and comply with their own security obligations.

Incident response

We may investigate, suspend accounts, revoke keys, preserve logs, notify providers, notify users, report to authorities, or take containment steps when security risk is detected.

Contact and legal notices

Questions, legal notices, privacy requests, intellectual-property notices, and support requests may be sent to grayskyes@solenterprises.org. Include the applicable service, account, order, URL, content, and facts needed to investigate.