Our responsible disclosure policy

At Crezco, the security of our customers and their data is our top priority. We deeply value the contributions of the security research community in helping us maintain a safe and secure environment. While we do not yet have a bug bounty program, to facilitate a collaborative approach to security, we have established a Responsible Disclosure Policy.

We encourage security researchers to responsibly disclose any potential vulnerabilities in accordance with OWASP's recommended practices. By following these guidelines, you can help us address issues promptly and effectively, ensuring the highest level of protection for our users.

If you identify a security vulnerability, please contact our security team at security@crezco.com. We request that you provide detailed information about the potential issue, including steps to reproduce it. Our team is committed to working with you to understand the nature of the problem and will keep you informed of our progress in addressing it.

Together, we can enhance the security of Crezco's services and contribute to a safer digital ecosystem. Thank you for your dedication and responsible approach to security.