Do not engage in malicious activity
Examples include denial of service, viewing another user’s private data or modifying data without authorization.
Guidelines
Kibarua recognizes the importance of researchers who contribute to the security of our website. To encourage bug and vulnerability reports, we will commit to not bringing private action nor public inquiry against researchers who follow these guidelines such that the vulnerability:
- is reported to Kibarua via the above email as soon as possible
- is not published elsewhere
- exists on a domain owned by Kibarua (e.g. *.kibarua.co.ke*)
- is verifiable by the security team
Please include the following information in your submission:
- a proof-of-concept or demonstration of the vulnerability
- detailed instructions on how to reproduce the vulnerability
- an e-mail address we can contact you at
Recognition
Vulnerabilities that are deemed especially worthy by the security team may be rewarded in the following ways:
- a name or company of the researcher’s choosing published
- a special White Hat badge (shown below) awarded to the researcher’s kibarua account