Security & Responsible Disclosure Policy

1. Our Security Commitment

FastNet Cloud takes the security of our platform and our customers' data seriously. We implement industry-standard security measures including encryption at rest and in transit, access controls, regular security audits, and vulnerability monitoring.

2. Reporting a Vulnerability

If you believe you have discovered a security vulnerability in FastNet Cloud, we encourage you to report it responsibly. Please email your findings to security@fastnetcloud.com with the subject line "Security Vulnerability Report".

3. What to Include

Please provide a detailed description of the vulnerability, steps to reproduce it, the potential impact, and any proof-of-concept code. Include your name and contact information for follow-up.

4. Our Response Process

We acknowledge receipt within 48 hours. We investigate and validate the report within 5 business days. We develop and deploy a fix based on severity. We notify you when the fix is deployed and may publicly acknowledge your contribution.

5. Safe Testing Expectations

Do not access, modify, or delete data that does not belong to you. Do not perform tests that could degrade platform performance or availability. Do not share vulnerability details publicly until we have deployed a fix. Use the provided testing environment when available.

6. Disclosure Timeline

We aim to resolve critical vulnerabilities within 72 hours, high-severity issues within 7 days, and medium-severity issues within 30 days. We coordinate disclosure timing with you before any public announcement.

7. Legal Safe Harbor

We will not pursue legal action against individuals who report vulnerabilities in good faith and in accordance with this policy. We consider such research a valuable contribution to platform security.

8. Contact

For security-related inquiries: security@fastnetcloud.com. This address is for security vulnerabilities only. General support inquiries should be directed to our support team.