Responsible Disclosure Policy

Last Updated: June 2026

As a cybersecurity platform, we advocate for defensive security and responsible research. We appreciate the efforts of security analysts who report security anomalies in our systems. This page outlines the scope and guidelines for reporting weaknesses on thecyberlearn.in.

1. Reporting Process

If you identify a vulnerability (e.g. SQL Injection, XSS, Broken Access Controls) on thecyberlearn.in domain or related APIs, please notify the security team immediately by calling or writing to our hotline:

Please include a detailed outline of the bug, including steps to reproduce, request packets, or PoC screenshots.

2. Safe Harbor Rules

If you follow these rules during your research, we promise not to initiate legal proceedings against you:

• Avoid executing Denial of Service (DoS/DDoS) actions.
• Do not download, dump, or alter data belonging to other registered accounts.
• Give the security team reasonable time (e.g. 5 days) to patch the anomaly before publishing details.

3. Out of Scope Anomalies

The following are not eligible for evaluation under our program:

• DMARC/SPF/DKIM email configurations.
• SSL/TLS cipher suite recommendations (unless showing specific exploit proof).
• Social engineering or physical entry research against administrators.