Security & responsible disclosure

Security is our profession. If you believe you've found a vulnerability in our platform, we want to hear from you.

Reporting a vulnerability

Email operations@hybridelites.com with a clear description, steps to reproduce, and the potential impact. Our machine-readable contact details are published at /.well-known/security.txt (RFC 9116).

Guidelines (safe harbour)

• Act in good faith, avoid privacy violations, data destruction and service disruption.

• Only test against your own account/data — do not access, modify or exfiltrate other users' data, operator locations or mission information.

• Give us reasonable time to investigate and remediate before any public disclosure.

• Do not use social engineering, physical attacks, or denial-of-service.

If you follow these guidelines, we will not pursue or support legal action against you for your research, and we will work with you on a fix.

Scope

Our web platform and APIs at hybridelites.com and its application subdomains. Third-party services we rely on (e.g. payment processors, authentication) should be reported to those providers directly.

What to expect

We acknowledge reports as quickly as we can, keep you updated on remediation, and credit researchers who wish to be named once an issue is resolved.

Contact

operations@hybridelites.com · Call +234 8163 509 627 · WhatsApp +38 066 1055 297.