đĄī¸ Vulnerability Disclosure Program
Aevum Zenth welcomes security research conducted in good faith. We prioritize coordinated disclosure and will work with you to resolve any reported issues. All submissions are handled by our Global Information Security Office (GISO).
Our program is open to researchers worldwide. Authorized testing is permitted within scope boundaries without prior permission. Unauthorized testing outside scope may result in legal action.
In Scope
- All public-facing web applications & APIs (*.aevumzenth.com, *.zenthdigital.io)
- Mobile applications (iOS & Android) published by Aevum Zenth
- Cloud infrastructure endpoints & customer portals
- Hardware IoT devices manufactured or distributed by Zenth divisions
- Employee-facing intranet systems (authenticated only)
Out of Scope
- Denial of Service (DoS/DDoS) attacks against production systems
- Social engineering, phishing, or physical security testing
- Third-party services not owned or operated by Aevum Zenth
- Automated scanning without prior coordination
- Issues discovered through compromise of end-user accounts
đ Submit a Report
Your submission has been received. GISO will acknowledge within 48 hours. Case ID will be provided via secure channel.