Security at Ciroos

Responsible Disclosure Policy

At Ciroos, the security of our systems, customers, and partners is a top priority. We recognize the important role that security researchers and the community play in helping us maintain a secure environment.

If you believe you have discovered a security vulnerability in a Ciroos product, service, or system, we encourage you to report it to us responsibly.

How to Report

Please send your findings to security@ciroos.ai. To help us investigate effectively, please include:

  • A detailed description of the vulnerability
  • Steps to reproduce the issue
  • Any relevant tools, scripts, or proof-of-concept code (if available)

Guidelines for Researchers

We ask that you follow these principles when investigating and reporting:

  1. Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue.
  2. Do not disrupt services for customers or exfiltrate sensitive data.
  3. Respect the privacy and confidentiality of any data encountered.
  4. Allow us reasonable time to investigate and remediate before disclosing publicly.

Our Commitment

If you report a valid security issue to us:

  • We will acknowledge receipt of your report.
  • We will provide regular updates as we investigate.
  • We will notify you when the issue is remediated.
  • We will not pursue legal action if you follow this policy in good faith.

Recognition

While we do not currently operate a paid bug bounty program, we deeply appreciate contributions that help us strengthen security. With your permission, we may recognize you on our website or in release notes for valid reports.

Thank You

Your efforts to help keep Ciroos and our community secure are invaluable. Together, we can maintain a trusted environment for our user community.