Security is a cornerstone of DataJourney's development philosophy. We are committed to maintaining the highest standards of security for our platform and deeply value the security community's role in helping us achieve this goal.
We encourage responsible disclosure of security vulnerabilities. If you identify a potential security issue in DataJourney, here's how to report it:
- Submit a Vulnerability report: Click here
- Comprehensive Details: Include reproduction steps, potential impact assessment, affected versions, and any proof-of-concept code or screenshots.
When you submit a security report, DataJourney's security team commits to:
Initial Response
- Confirmation of report receipt
- Initial impact assessment
Investigation Phase
- Thorough analysis of the reported issue
- Severity classification using industry standards
Resolution & Disclosure
- Development and testing of security patches
- Coordinated release of fixes across affected versions
This policy encompasses:
- DataJourney core application code
- Configuration and deployment scripts
- Documentation that could impact security
Out of Scope:
- Third-party dependencies (reported separately to respective maintainers)
- Social engineering attacks
- Physical security issues
For security-related inquiries, vulnerability reports, or general security questions:
Contact info: security@datajourneyhq.com
We appreciate your efforts in keeping DataJourney secure for everyone!