Security Policy

Website Security Policy

This Security Policy covers the components, technology, and web-pages that make up the Endure Secure website (https://endsec.au).

Endure Secure is committed in appropriately ensuring the confidentiality, integrity, and availability of all information assets. Endure Secure takes a defence-in-depth approach in securing this website, employing detective, preventative, and recovery controls.

Endure Secure encourages the responsible disclosure of security issues. If you wish to disclose a potential security vulnerability or incident to us, you can contact us using the details available on the security.txt page. All disclosures are assessed by our security team, with a risk-based approach taken to determine whether any action will be taken.

Solely at our discretion, we may offer recognition through our Hall of Fame page, and for critical issues, we may also offer additional rewards, however we are under no obligation to do either. We may not respond to disclosures for benign vulnerabilities such as email DNS records and HTTP response headers, and we will not respond to suspected beg bounties.