# Axilog / Axioma framework — security disclosure contact
# RFC 9116 — https://www.rfc-editor.org/rfc/rfc9116
#
# Axilog.io and SpeyTech.com share a single security disclosure contact.
# Reports are read by William Murray; policy at the URL below covers both
# domains.
#
# Verify the PGP key fingerprint before encrypting sensitive reports:
#   E575 34E6 17EB D9C1 7096  5333 AEB2 FE92 2344 130A
#
# Acknowledgement aim: within 72 hours for in-scope reports. See the policy
# URL below for scope, disclosure timelines, and what counts as a valid
# report.

Contact: mailto:security@speytech.com
Encryption: https://axilog.io/.well-known/pgp-key.txt
Expires: 2027-05-16T23:59:59.000Z
Preferred-Languages: en
Canonical: https://axilog.io/.well-known/security.txt
Policy: https://speytech.com/security/