Vulnerability Disclosure Policy

Last Updated: January 7, 2025

AppStance (formerly Search Ads Optimization - SAO) is committed to maintaining the security and integrity of our systems and protecting our users' data. This policy outlines how security researchers and members of the public can report vulnerabilities responsibly.

Reporting a Vulnerability

If you have discovered a potential security vulnerability in our systems, we encourage you to report it to us as soon as possible. Please follow the guidelines below to help us respond effectively:

Contact Information

Email: support@appstance.com

Information to Include

Description of the vulnerability and its potential impact.
Steps to reproduce the issue, including proof-of-concept if possible.
Any relevant screenshots or logs.
Your contact details for follow-up (optional but encouraged).

Scope

Include only systems and services explicitly owned or operated by AppStance (formerly Search Ads Optimization - SAO).
Out of scope: Third-party services and products not under our direct control.

Our Commitment

Acknowledgment: We will acknowledge receipt of your report within 5 business days.
Evaluation: Our team will investigate and validate the vulnerability as quickly as possible.
Non-Retaliation: We will not take legal action against individuals acting in good faith who comply with this policy.
Recognition: If applicable, and with your permission, we may publicly acknowledge your contribution.

Safe Harbor

To encourage responsible disclosure, we promise:

Not to initiate legal action against you for identifying a vulnerability, as long as you:
Do not exploit the vulnerability for malicious purposes.
Do not access or modify user data without permission.
Provide us a reasonable amount of time to fix the issue before public disclosure.

Excluded Activities

Please avoid the following when testing:

Social engineering or phishing attacks.
Denial-of-service (DoS) attacks.
Physical attacks or testing on non-digital assets.
Breaching the privacy of other users.

Thank You for Your Support

We appreciate your efforts to help us keep our systems secure and protect our users. Your responsible disclosure helps us address issues quickly and effectively.

AppStance (formerly Search Ads Optimization - SAO) support@appstance.com

*This policy applies to any product created and owned by AppStance (formerly Search Ads Optimization - SAO).

AppStance (formerly Search Ads Optimization (SAO))

Reporting a Vulnerability

If you have discovered a potential security vulnerability in our systems, we encourage you to report it to us as soon as possible. Please follow the guidelines below to help us respond effectively:

Contact Information

Information to Include

Description of the vulnerability and its potential impact.

Steps to reproduce the issue, including proof-of-concept if possible.

Any relevant screenshots or logs.

Your contact details for follow-up (optional but encouraged).

Scope

Include only systems and services explicitly owned or operated by AppStance (formerly Search Ads Optimization - SAO).

Out of scope: Third-party services and products not under our direct control.

Our Commitment

Acknowledgment: We will acknowledge receipt of your report within 5 business days.

Evaluation: Our team will investigate and validate the vulnerability as quickly as possible.

Non-Retaliation: We will not take legal action against individuals acting in good faith who comply with this policy.

Recognition: If applicable, and with your permission, we may publicly acknowledge your contribution.

Safe Harbor

To encourage responsible disclosure, we promise:

Not to initiate legal action against you for identifying a vulnerability, as long as you:

Do not exploit the vulnerability for malicious purposes.

Do not access or modify user data without permission.

Provide us a reasonable amount of time to fix the issue before public disclosure.

Thank You for Your Support

We appreciate your efforts to help us keep our systems secure and protect our users. Your responsible disclosure helps us address issues quickly and effectively.

AppStance (formerly Search Ads Optimization - SAO) support@appstance.com

*This policy applies to any product created and owned by AppStance (formerly Search Ads Optimization - SAO).