At Silverflow we always try to apply best practice, to both security and development.

Whilst we don't yet have a bug bounty program for any of our products, we do of course take security seriously, and are committed to and believe in friendly, coordinated disclosure of security vulnerabilities and issues. That's how we approach disclosing vulnerabilities we find in other people's stuff, as you have to try and lead by example.

If you need to get in touch about a potential vulnerability or issue in something we own, please use the contact details that you can find in our security.txt. If you have a sensitive report to share with us please encrypt it with our GPG key that can be found in the security.txt file as well.