# Security policy for CRA Evidence
# https://craevidence.com/.well-known/security.txt
# RFC 9116 compliant - https://www.rfc-editor.org/rfc/rfc9116

Contact: mailto:security@craevidence.com
Contact: https://craevidence.com/contact
Expires: 2027-03-01T21:42:12Z
Preferred-Languages: en, de, es, fr, it, pl
Canonical: https://craevidence.com/.well-known/security.txt

# Our commitment to security
# As a CRA compliance platform, we take security seriously.
# We appreciate responsible disclosure of vulnerabilities.
# Our CVD policy follows ISO 29147/30111 standards.

Policy: https://craevidence.com/security#vulnerability-disclosure