XDRagon Monitor watches your network, so its own security matters more than most software’s. This page covers two things: how to report a vulnerability to us, and how the platform itself is built and verified.
We want to hear about it — directly and privately, before anyone else does. Security reports get taken seriously, whoever they come from.
The authoritative version of our disclosure policy lives with the code: SECURITY.md in the XDRagon Monitor GitHub repository. If this page and that file ever differ, the repository wins.
Because the project is open source under Apache 2.0, you can audit every line you are reporting against — and verify the fix when it ships.
The short version of how the platform protects itself. The full engineering detail lives on the For Engineers page.
Send vulnerability reports to contact@t-secops.io, or head to the repository to read the canonical SECURITY.md and audit the code yourself.