Responsible Disclosure Policy


Halo Security is dedicated to keeping its users' data protected. Security and trust are integral to our business, and one way of demonstrating that is by ensuring that the research community can easily notify us of security threats that may impact the safety of our users.

Halo Security will work with security researchers that report vulnerabilities to us in accordance with this policy. We will validate and fix reported vulnerabilities and won’t take legal action against those who report security vulnerabilities in accordance with this policy.



  • Provide us with the information needed and steps required to reproduce the issue
  • Include proof-of-concept code when available
  • Do not attempt to access user data outside of accounts you have created
  • Do not attempt to harm the availability of the service
  • Do not engage in social engineering attacks against Halo Security employees or customers
  • Do not disclose any confidential information without prior written consent from Halo Security
  • When in doubt, please email for guidance

To report a vulnerability, email the details to


We will investigate and respond as soon as possible.


If you have any questions, please email us at