Public bug bounty, coordinated disclosure policy, annual third-party pen test, and SOC 2 Type I in progress.
Reports at security@wbpomniseo.com. Payouts $100-$5,000 based on severity via HackerOne policy.
90-day coordinated disclosure. Public advisory once a fix is shipped and the majority of installs have auto-updated.
Annual third-party penetration test with public summary. SOC 2 Type I audit in progress.
EU data residency for the license server. DPA available on request.