Absolute IT

Security Center

Protecting your information is our priority

If you suspect a security incident or unauthorized access to your account, contact our security team immediately at security@absoluting.com

Absolute IT values the security research community and encourages responsible disclosure of security vulnerabilities.

1Responsible Disclosure Policy

We appreciate the work of security researchers who help keep our platform and users safe. If you discover a security vulnerability in any Absolute IT service, we ask that you: report the vulnerability to us as soon as possible; provide sufficient detail for us to understand and reproduce the issue; avoid accessing, modifying, or deleting data belonging to other users; and give us a reasonable period to address the issue before making any public disclosure.

2How to Report a Security Bug

Please submit security vulnerability reports to security@absoluting.com. Include the following information in your report: a clear description of the vulnerability and its potential impact; step-by-step instructions to reproduce the issue; any relevant URLs, screenshots, or proof-of-concept code; your contact information for follow-up questions. We use PGP encryption for sensitive communications — request our public key if needed.

3What to Expect

After submitting a report, you can expect the following: acknowledgment of your report within 2 business days; an initial assessment within 5 business days; regular updates on our progress as we work to resolve the issue; and notification when the vulnerability has been fixed. We aim to resolve critical vulnerabilities within 72 hours and other issues within 30 days.

4Out of Scope

The following activities and findings are considered out of scope: denial-of-service (DoS) attacks or testing; social engineering attacks against Absolute IT employees; physical security testing of our offices; spam or social engineering techniques; automated scanning without prior approval; and vulnerabilities in third-party services or applications not directly controlled by Absolute IT.