# Allecta AI Security Contact
# This file follows the security.txt standard (RFC 9116)
# https://securitytxt.org/

Contact: mailto:security@allecta.ai
Contact: mailto:support@allecta.ai
Expires: 2027-12-31T00:00:00.000Z
Preferred-Languages: en
Canonical: https://allecta.ai/.well-known/security.txt
Canonical: https://www.allecta.ai/.well-known/security.txt
Policy: https://allecta.ai/security-policy
Hiring: https://allecta.ai/careers

# Allecta AI takes security seriously. We welcome responsible disclosure
# of any security vulnerabilities found in our platform.
#
# Scope: *.allecta.ai
# Out of scope: Social engineering, physical attacks
#
# We commit to:
# - Acknowledge receipt within 48 hours
# - Provide a timeline within 7 days
# - Not pursue legal action for good-faith reports
#
# Security features:
# - HTTPS enforced with HSTS preload
# - Content Security Policy (CSP)
# - Rate limiting and DDoS protection
# - SOC 2 compliant data handling
# - All data encrypted at rest and in transit