# netgo Incident Response contact
# Note: This contact is preserved for reporting possible security vulnerabilities to netgo - do not use this contact for other matters.

# Contact: security@netgo.de
# Expires: /
# Preferred-Languages: de, en
# Canonical: https://www.netgo.de/security.txt, https://www.netgo.de/.well-known/security.txt

# Reporting Vulnerabilities to netgo-group:
If you believe you have found a vulnerability affecting assets managed by netgo-group, please do not hesitate to contact us. 
netgo follows the "Responsible Disclosure" standard and appreciates the work of ethical hackers in discovering security vulnerabilities. 
Once a report was submitted, please allow a reasonable amount of time to resolve vulnerabilities (usually 90 days). 
In any case, you will receive an answer by netgo Incident handlers, usually within 24h.

# Bug Bounty:
Due to the way of how subsidiary-members of the netgo group are funded, it is currently not possible to provide any form of payment 
or any kind of bounty for any found flaw in our systems. (This section may change in future).