Security: threatvec/SentinelAI

SECURITY.md

Security Policy

Made by threatvec & talkdedsec

Supported Versions

Version Supported
1.0.x

Reporting a Vulnerability

We take security seriously. If you discover a vulnerability in SentinelAI, please report it responsibly.

How to Report

  1. DO NOT open a public GitHub issue for security vulnerabilities.
  2. Email us at: threatvec@proton.me
  3. Include:
    • Description of the vulnerability
    • Steps to reproduce
    • Potential impact
    • Suggested fix (if any)

Response Timeline

  • 24 hours: Acknowledgment of your report
  • 72 hours: Initial assessment and severity rating
  • 7 days: Fix development and testing
  • 14 days: Patch release (critical vulnerabilities may be faster)

Recognition

We appreciate responsible disclosure. Security researchers who report valid vulnerabilities will be:

  • Credited in our CHANGELOG (unless they prefer anonymity)
  • Added to our Security Hall of Fame

Security Best Practices

When using SentinelAI:

  1. Keep it updated - Always use the latest version
  2. Protect your config - sentinelai.yaml may contain sensitive settings
  3. Secure scan results - Reports may contain details about vulnerabilities
  4. Local-first - The dashboard runs locally; don't expose it to the internet without proper auth

SentinelAI - Copyright (c) 2026 threatvec & talkdedsec. All rights reserved.

There aren’t any published security advisories