responsible disclosure

Found a hole in our own front door?

We sell security, so we'd be embarrassed to run an insecure site. If you find a vulnerability in Harbova's own systems, we genuinely want to hear about it, and we'll thank you for it.

How to report

Email hello@ahmasoft.com with the subject "Security disclosure." Include what you found, where, and how to reproduce it. Screenshots or a short proof-of-concept help.

Our promise to you

If you report in good faith, we won't pursue legal action. We'll acknowledge your report quickly, keep you updated as we fix it, and credit you if you'd like.

Please do

Give us reasonable time to fix an issue before making it public. Only test against your own accounts. Stop and report as soon as you confirm a vulnerability.

Please don't

Access, modify, or delete other people's data. Run denial-of-service or automated high-volume attacks. Use social engineering or physical attacks against our team or providers.