Scope expansion
2/8/2024, 12:52:03 PM (11 months ago)
2/8/2024, 12:52:23 PM

The responsible disclosure program's scope has been expanded. Below scope added :

  • *.naiad.cloud
  • *.naiad.ninja
  • Aqora.*
  • aqora.naiad.*
  • *.polderroof.com
  • *.metropolder.com

Thank you for your ongoing efforts in helping us maintain a secure environment. Happy testing (with the current rules!)

Scope update
1/19/2024, 2:26:58 PM (12 months ago)

The program's scope has been modified to exclude anything under *.vectus.in.

Thank you!
Orbia.

Rules of Engagement Reminder
1/18/2024, 2:25:39 PM (12 months ago)

We want to express our gratitude for your active participation and assistance to our disclosure program, which plays a crucial role in ensuring the security and resilience of our systems.

However, we've observed instances where the testing has surpassed the allowed maximum requests per second, leading to a direct impact on our business. It is essential to emphasize the strict adherence to the program's rules and guidelines, particularly the specified rate limits for requests (2 req/second). We have also made updates to the rules, now requiring the use of the registered email address in addition to the request header fields.

Maintaining fairness and integrity in the disclosure program is of utmost importance to provide a balanced and positive experience for all participants. We kindly urge your cooperation in strictly adhering to the specified rules of engagement for the program.

We sincerely appreciate your continued efforts in assisting us in upholding a secure environment. Keep up the good testing work, but please ensure compliance with the rules!