It’s important that anybody is able to contact us, quickly and effectively, with security concerns. If you’re a security researcher and have discovered a security vulnerability, please disclose this information to us.
Please include the following information in the submission:
We will usually read and respond to all messages within 24 hours. We will prioritise any required remediation according to the level of severity of the issue.
At all times act responsibly and in the best interests of Koyo and our customers.
It is important that we treat your communication as a responsible disclosure and not an attack or extortion. Following these guidelines will help to ensure that.
We do not currently offer bug bounties. However, we do believe in public recognition for anyone who helps us to ensure our systems and data are secure. We will not name you without your consent.