At Telecom Mechanical Solutions, we value the contributions of the security research community. If you believe you’ve found a security issue in our systems, please report it responsibly.

Responsible Vulnerability Disclosure Policy

Telecom Mechanical Solutions (TMS) Responsible Vulnerability Disclosure Policy

Effective Date: 2025-09-09
Version: 1.0

1. Purpose

TMS is committed to protecting the security and privacy of our systems, data, and users. We recognize the important role that external security researchers play in identifying and responsibly disclosing potential vulnerabilities.

2. Scope

This policy applies to:

• All public-facing systems, services, and applications owned, operated, or managed by TMS.
• It does not authorize or cover testing against third-party services or systems that are not under our control.

3. Reporting a Vulnerability

If you discover a potential security vulnerability, please report it to us responsibly:

• Submit below
• Preferred format: Please include a detailed description of the issue, including steps to reproduce, potential impact, and any proof-of-concept code if applicable.

4. Our Commitment

• We will acknowledge receipt of your report within 5 business days.
• We will provide updates on remediation progress and notify you when the issue is resolved.
• We will treat all reports as confidential and will not disclose your identity without permission.

5. Safe Harbor

• If you make a good-faith effort to comply with this policy when reporting an issue, we will not pursue legal action against you.
• We ask that you:
  • Do not access or modify data that does not belong to you.
  • Do not disrupt services or exfiltrate sensitive information.
  • Give us reasonable time to remediate before public disclosure.

6. Recognition

We may acknowledge your contribution publicly (with your permission) once the vulnerability is remediated.

7. Contact

Questions about this policy may submitted here