Responsible Disclosure Policy
Last Updated: February 27, 2026
Overview
We take the security of Assist Mi seriously and welcome reports of potential vulnerabilities. This policy describes how to report security issues to us and what you can expect in return.
How to Report
If you believe you have found a security vulnerability, please email: support@assistmi.net
Include:
- A clear description of the issue and potential impact
- Steps to reproduce (proof-of-concept where appropriate)
- Any relevant logs, screenshots, or affected endpoints
- Your contact information for follow-up questions
Safe Harbor
We will not pursue legal action against researchers who:
- Make a good-faith effort to comply with this policy
- Avoid privacy violations, data destruction, and service disruption
- Do not access or modify data that does not belong to them
- Do not publicly disclose the issue before we have had a reasonable opportunity to investigate and remediate
Guidelines
Please do NOT:
- Use social engineering or phishing against our customers or team
- Run denial-of-service tests
- Exfiltrate customer data
- Modify or delete data
Our Commitment
We aim to:
- Acknowledge receipt of your report within a reasonable timeframe
- Provide updates as we investigate
- Work to remediate confirmed vulnerabilities in a timely manner
Disclosure
We may coordinate disclosure timing with you once a fix is available. We appreciate responsible reporting that allows us to protect customers.