We take the security of DisasterConnect seriously. If you believe you have found a security vulnerability, please follow these steps:

1. Do Not disclose the vulnerability publicly until it has been addressed by our team
2. Email details of the vulnerability to saqlainrazee@gmail.com
3. Include the following information:
   • A description of the vulnerability
   • Steps to reproduce the issue
   • Possible impacts of the vulnerability
   • Any suggested fixes (if available)

• You will receive a response acknowledging your report within 48 hours
• We will investigate and provide updates on the status of your report
• Once the vulnerability is confirmed and fixed, we will notify you
• We will publicly acknowledge your responsible disclosure, unless you prefer to remain anonymous

When deploying DisasterConnect:

1. Always use the latest version
2. Configure proper authentication
3. Use strong passwords and API keys
4. Keep all dependencies up to date
5. Follow the security guidelines in our documentation