Skip to content

Security and Responsible Disclosure

Last updated 24th April 2025

At EverC, we are deeply committed to the security and privacy of our customers, partners, and systems.

Although we do not operate a public bug bounty program, we value the contribution of independent security researchers and welcome reports about potential vulnerabilities discovered in our services.

How to Report

If you believe you’ve found a vulnerability or security issue in any EverC system, please contact us at: ask-security[at]everc[.]com

We encourage reports that include:

  • Do not exploit the vulnerability or access data that does not belong to you
  • Avoid any actions that could degrade our service or compromise data integrity
  • Refrain from using automated tools to scan our services
  • Comply with all applicable laws

 

Our Commitment

If you report a security vulnerability in good faith, we commit to:

  • Acknowledging your report within 5 business days
  • Investigating and validating the issue promptly
  • Keeping you informed on remediation progress
  • Not pursuing legal action if your research is conducted responsibly and in good faith

 

Please note: EverC does not offer monetary rewards or public recognition for reported vulnerabilities at this time.

Thank you for helping us maintain a secure environment.