Minimize impact
Use the least invasive method needed to confirm the issue and avoid accessing data beyond what is necessary.
Smart Biz iT welcomes responsible reports of potential security vulnerabilities affecting its public systems. Do not access client data, disrupt services, use social engineering, or perform destructive testing.
Submit a Security ReportUse the approved contact path and provide the affected public asset, vulnerability type, reproduction steps, observed impact, supporting evidence, and a safe contact method. Stop testing when sensitive data, unauthorized access, service disruption, or material risk becomes possible.
Use the least invasive method needed to confirm the issue and avoid accessing data beyond what is necessary.
Provide repeatable steps, timestamps, affected URLs or systems, and sanitized screenshots or request details.
Do not publicly disclose an unresolved report before reasonable validation, remediation, and communication can occur.
Do not access, test, modify, download, or disclose client information or client-managed environments.
Do not perform denial-of-service, destructive testing, malware deployment, persistence, or data alteration.
Do not use phishing, impersonation, physical intrusion, credential attacks, or other social engineering.
Do not submit credentials, client data, or exploit material through an unapproved channel. Start with a high-level report and request a secure exchange method.
No. Submission does not expand authorization. Stop and request guidance before any activity that could create additional risk.
No. This page does not establish a bug bounty or guarantee compensation.