Skip to main content

Security

Found a vulnerability? We want to know. Here's how to tell us responsibly.

Responsible disclosure

If you discover a security vulnerability in IngenioLens, please email us at security@ingeniolens.com before disclosing publicly.

We will acknowledge your report within 48 hours, investigate, and aim to resolve confirmed issues within 14 days. We'll credit researchers who report valid vulnerabilities unless they prefer to remain anonymous.

What to include

  • A clear description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact assessment
  • Any proof-of-concept code (if applicable)

Our security practices

  • No authentication tokens stored in plain text
  • API keys validated server-side only
  • HTTPS enforced on all endpoints
  • Minimal data collection — less data means less risk
  • On-device AI options to eliminate server-side exposure
  • Open-source codebase — transparent to security researchers

Security contact: security@ingeniolens.com