Contact: https://github.com/navam-io/navam-io.github.io/security/advisories/new
Expires: 2026-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://www.navam.io/.well-known/security.txt
Policy: https://github.com/navam-io/navam-io.github.io/security/policy

# Navam Security Information

## Reporting Security Issues

If you discover a security vulnerability in Navam products or website,
please report it responsibly via GitHub Security Advisories.

We appreciate responsible disclosure and will acknowledge your contribution.

## Scope

This security policy covers:
- Navam.io website (https://www.navam.io)
- Navam Invest (https://github.com/navam-io/navam-invest)
- Moments (https://github.com/navam-io/moments)
- All repositories under https://github.com/navam-io

## Response Time

We aim to respond to security reports within 48 hours
and provide updates on remediation within 7 days.

## Safe Harbor

We support safe harbor for security researchers who:
- Make a good faith effort to avoid privacy violations and data destruction
- Only interact with accounts they own or with explicit permission
- Do not exploit vulnerabilities beyond demonstration
- Report vulnerabilities promptly

Thank you for helping keep Navam and our users safe!