Contact: mailto:security@scantower.io
Expires: 2026-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://scantower.io/.well-known/security.txt

# About ScanTower
# ScanTower is an automated website security monitoring platform that
# detects vulnerabilities, malware, SSL issues, and configuration drift
# across customer websites.

# Reporting Security Issues
# If you discover a security vulnerability in ScanTower, please report it to:
# security@scantower.io
#
# Please include:
# - Detailed description of the vulnerability
# - Steps to reproduce
# - Potential impact
# - Any proof-of-concept code
#
# We will respond within 48 hours and work with you to resolve the issue.

# Out of Scope
# - Social engineering attacks
# - Physical attacks against ScanTower infrastructure
# - Attacks requiring MITM or physical access to user devices
# - Denial of service attacks
# - Issues in third-party services we use

# Acknowledgments
# We appreciate responsible disclosure and will acknowledge security
# researchers who report valid vulnerabilities.