Our Commitment
QSearch Security Research follows responsible disclosure practices. Security researchers who identify and report vulnerabilities in good faith deserve recognition and reward.
Security
Responsible
Disclosure
We value the security research community. If you've discovered a vulnerability, we want to hear from you — and we reward responsible disclosure.
Disclosure Guidelines
1. Report Promptly
Contact us as soon as you discover a potential vulnerability. Do not access, modify, or delete data beyond what is necessary to demonstrate the issue.
2. Use Secure Channels
Send your report via encrypted channels. We accept reports through Signal, Telegram, or Threema. For initial contact, email contact@qsearch.ch.
3. Include Details
Provide a clear description, steps to reproduce, affected systems, and potential impact. Screenshots or proof-of-concept code are appreciated.
4. Allow Time to Remediate
Give us reasonable time (typically 90 days) to address the vulnerability before any public disclosure. We'll keep you informed.
Recognition & Rewards
Researchers who follow our guidelines and report valid vulnerabilities will be:
- Acknowledged — credited in security advisories (with your permission)
- Rewarded — compensated based on severity and impact
- Protected — we will not pursue legal action against researchers acting in good faith
How to Reach Us
contact@qsearch.ch
Secure Communication
Signal — available on request
Telegram — available on request
Threema — available on request
Email us first and we'll share secure channel details.
For non-security inquiries, use our contact page.