Responsible Disclosure
Last modified on May 9, 2024
PURPOSE AND SCOPE
Data security is a top priority for Cobalt AI, and Cobalt AI believes that working with skilled security researchers can identify weaknesses in any technology. If you believe you’ve found a security vulnerability in Cobalt AI’s service, please notify us; we will work with you to resolve the issue promptly
POLICY
- If you believe you’ve discovered a potential vulnerability, please email us at security [at] cobaltai.com. We will acknowledge your email within five business days. You might be eligible for a “reward”.
- Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten business days of disclosure.
- Make a good-faith effort to avoid violating privacy, destroying data, or interrupting or degrading the Cobalt AI service. Please only interact with the domains you own or for which you have explicit permission from the account holder.
- Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability and a Proof of Concept (POC).
- Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services.
- Do not modify or access data that does not belong to you.
- Do not compromise the safety of the Cobalt Robot or expose others to an unsafe condition.
EXCLUSIONS
While researching, we’d like you to refrain from:
- Distributed Denial of Service (DDoS)
- Spamming
- Social engineering or phishing of Cobalt AI employees or contractors
- Any attacks against Cobalt AI’s physical property or data centers
And follow the Acceptable Use Policy Guidelines.
Thank you for helping to keep Cobalt AI and our users safe!
RESPONSIBILITY
The Security team is responsible for communicating and upholding this policy. For any questions/comments/concerns please contact us at security [at] cobaltai.com.
Contact Information:
26809 Warm Springs Blvd
Fremont, CA 94539
Telephone: (650) 781-3620
Email: security [at] cobaltai.com
Last modified on May 9, 2024
Open Source Disclosure
Cobalt AI may use and modify GPL-3 licensed open-source software.
The text of GPL-3 may be found here: https://www.gnu.org/licenses/gpl-3.0.en.html
Customers of Cobalt AI may contact security [at] cobaltai.com to receive a copy of any such modified software.