# Security Policy

## Supported Versions

| Version | Supported          |
| ------- | ------------------ |
| 0.0.x   | :x: |

## 🔒️ Reporting a Vulnerability

If you have identified a security vulnerability in system or product please `RayVentura` with your findings. We strongly recommend using our `PGP key` to prevent this information from falling into the wrong hands.

### Disclosure Policy

Upon receipt of a security report the following steps will be taken:

- Acknowledge your report within 48 hours, and provide a further more detailed update within 48 hours.
- Confirm the problem and determine the affected versions
- Keep you informed of the progress towards resolving the problem and notify you when the vulnerability has been fixed.
- Audit code to find any potential similar problems.
- Prepare fixes for all releases still under maintenance. These fixes will be released as fast as possible.
- Handle your report with strict confidentiality, and not pass on your personal details to third parties without your permission.

Whilst the issue is under investigation

- **Do** provide as much information as possible.
- **Do not** exploit of the vulnerability or problem you have discovered.
- **Do not** reveal the problem to others until it has been resolved.