Vulnerability Disclosure Policy
Actuator Security follows a structured, transparent, and vendor-neutral responsible disclosure process. Independent research defaults to Google's established 90-day Project Zero guidelines, while requested or sponsored engagements follow custom confidentiality terms as requested.
1. Independent Research
Project Zero Aligned
Independent research follows the industry-standard Google Project Zero 90-day disclosure policy.
Vendors receive immediate notification, full technical detail & 90 days to remediate vulnerabilities prior to public disclosure.