Skip to content

Security: zerosixcyber/phantomwatch

Security

SECURITY.md

Security Policy

Reporting a Vulnerability

If you discover a security vulnerability in Phantomwatch, please report it responsibly.

Email: security@zerosixcyber.com

Please include:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

Response Timeline

  • Acknowledgment within 48 hours
  • Fix target: 7 days for critical, 30 days for others
  • Coordinated disclosure with 90-day window

Scope

  • Vulnerabilities in Phantomwatch's own code (BPF programs, userspace binary)
  • Detection bypasses (techniques that should be caught but aren't)
  • False negatives in built-in rules

Out of Scope

  • Vulnerabilities in dependencies (report upstream, but let us know)
  • Kernel vulnerabilities
  • Attacks requiring physical access to the host

There aren't any published security advisories