Security
Responsible Disclosure
Reporting a Vulnerability
I take security seriously. If you've found a vulnerability in any of my applications or services, I want to hear about it.
Email: security@movetodigital.au
Please include:
- Description of the vulnerability
- Steps to reproduce
- Affected application or service
- Your assessment of severity (if known)
- Any supporting evidence (screenshots, logs)
What to Expect
- Acknowledgement within 2 business days
- I'll keep you updated on progress
- I won't take legal action against good-faith security research
Scope
- ClientForms.app
- WaitingForAMate.com
- movetodigital.au
- Associated APIs and infrastructure
Out of Scope
- Social engineering or phishing attempts
- Denial of service attacks
- Issues in third-party services I don't control
No Bug Bounty
I don't currently operate a bug bounty programme. I do appreciate responsible disclosure and will credit reporters where appropriate (with your consent).