We take responsible vulnerability disclosure seriously. If you identify a potential security issue affecting an internet-facing Quanten Security service, report it promptly using the contact below.
Reporting contact
Email: info@4eck-media.de. If encryption is required, request the current PGP details before sending sensitive exploit material or secrets.
Scope
- Internet-facing services operated by Quanten Security are in scope.
- Denial-of-service testing, social engineering, physical attacks, and third-party systems are out of scope.
- Testing must not harm availability, integrity, confidentiality, or other users.
Response targets
- Initial acknowledgement target: two business days.
- Triage target: five business days.
- Resolution timelines depend on severity, exploitability, and affected systems.
Machine-readable security.txt
The canonical machine-readable file is available at /.well-known/security.txt. The compatibility path /security.txt serves the same content.
The machine-readable file mirrors this contact and scope guidance. It omits an Encryption field until a public key URL is approved; request current PGP details by email before sending sensitive exploit material or secrets.
Contact: mailto:info@4eck-media.de Preferred-Languages: en, de Canonical: https://quanten-security.4eck-dev.de/.well-known/security.txt Policy: https://quanten-security.4eck-dev.de/legal/security-txt/
The active file generates a rolling Expires timestamp and should be reviewed before publication if the production domain, contact route, or approved encryption key changes.