iCabbi is committed to maintaining the confidentiality, integrity, and availability of our products and services. Security is fundamental to how we build, operate, and improve our platform.

We welcome vulnerability reports from researchers, customers, and partners who act in good faith and follow responsible disclosure practices. While we do not currently operate a public bug bounty program, we are preparing to launch a formal program and will share details here when available.

How to Report a Vulnerability

Please email security@icabbi.com with the following information:

• A clear description of the issue and the affected system/component
• Steps to reproduce (proof-of-concept where possible)
• Relevant logs, screenshots, or supporting details
• Your contact details for follow-up questions

What You Can Expect From Us

• We will acknowledge your report within 5 business days
• We will assess and prioritise valid vulnerabilities
• We will work to remediate confirmed issues in a timely manner
• We may contact you for clarification or additional details

Responsible Disclosure Guidelines

To protect our customers and services, we ask that you:

• Avoid data access beyond what is necessary to demonstrate the issue
• Do not modify or delete data, or disrupt service availability
• Do not use social engineering, phishing, or physical access attempts
• Do not publicly disclose the vulnerability until we have had a reasonable opportunity to investigate and resolve it
• We appreciate the contribution of the security community in helping us keep iCabbi safe and secure.

📩 security@icabbi.com