Reporting a Security Vulnerability

If you discover a security vulnerability in any nauticAi product, please report it to us at security@nauticai.com.

What we ask:

• Give us reasonable time to address the issue before any public disclosure.
• Provide enough detail for us to reproduce and assess the vulnerability.
• Do not access, modify, or delete data belonging to others during your research.

What we commit to:

• Acknowledging your report within 5 business days.
• Keeping you informed of our progress toward a fix.
• Not pursuing legal action against good-faith security researchers who follow this policy.
• Crediting you in our resolution disclosure, unless you prefer to remain anonymous.

Scope: All nauticAi products and services, including our onboard electronic logbook systems.

Out of scope: Social engineering, physical attacks, and denial-of-service testing.

Contact: security@nauticai.com