Vulnerability Disclosure Program

Securing the Future

At HWAI Technology, security is at the core of our innovation. We appreciate the work of security researchers and invite you to report vulnerabilities in our infrastructure.

In Scope

All *.hwai-technology.com subdomains, our web applications, APIs, and cloud infrastructure are within scope for testing.

Out of Scope

Social engineering, physical attacks, and third-party services not managed by us are strictly out of scope.

Our Promise

We will not take legal action against researchers who follow this policy and act in good faith to protect our users.

Submit Security Report

Provide a clear description of the vulnerability and its potential impact.

Include step-by-step instructions to reproduce the issue. Be as detailed as possible.

Drag and drop files here, or click to browse

Max 5 images or 1 compressed file (20MB total)

By submitting, you agree to our responsible disclosure terms.

Disclosure Guidelines

1

Act in Good Faith

Avoid privacy violations, destruction of data, and interruption or degradation of our services.

2

Responsible Disclosure

Provide us a reasonable amount of time to resolve the issue before disclosing it to the public or a third party.

3

No Exploitation

Do not use a vulnerability to access others' data, or to modify or delete data that does not belong to you.

4

Quality Reports

Better reports lead to faster resolution. Include all necessary steps, screenshots, and logs.