Responsible disclosure

Reviving welcomes good-faith reports about security issues that could affect the website, the platform, or supporting systems. This page explains how to report issues safely and what information helps the security team respond quickly.

Email security Security overview

EffectiveApril 30, 2026

Last updatedApril 30, 2026

Program ownerReviving, Inc. security team

Reading time5 min read

This page is static and SEO-friendly by design. Final legal commitments should still be validated in signed contract materials where applicable.

How to report a vulnerability

Send reports to security@reviving.app. Include the affected URL, endpoint, or workflow, a concise description, reproduction steps, impact assessment, and any proof-of-concept details needed to validate the issue.

Use good-faith testing methods that avoid privacy harm, service disruption, or unauthorized access to customer data.

Safe testing expectations

Do not access, modify, or exfiltrate customer or patient data.
Do not perform denial-of-service testing or disruptive volume tests.
Do not use social engineering, phishing, or physical intrusion techniques.
Stop testing and contact Reviving immediately if you encounter real data or elevated access unexpectedly.

What to expect from Reviving

Reviving aims to acknowledge good-faith reports promptly, triage them according to severity, and keep reporters informed when practical.

Not every report results in a bounty, public acknowledgment, or a detailed remediation timeline. Reviving prioritizes validation, customer protection, and responsible remediation.

Emergency support

If you believe there is active exploitation or an urgent production risk, state that clearly in the subject line and report directly to the security channel.

Move your security review forward

Use the trust center to start document requests, understand our operating model, and route any privacy or security diligence questions to the right team.

Request diligence help Back to trust center