Perimetro
Security

Responsible disclosure

We appreciate the security research community's contribution to raising the security level of our platform. If you've found a vulnerability in Perimetro Platform products or the perimetro.ai service, please report it according to the following rules.

Vulnerability report

Email: info@perimetro.ai with the [SECURITY] prefix in the subject. PGP key available at /.well-known/security.txt (RFC 9116). We respond within 2 business days.

Program scope

Domains: perimetro.ai, *.perimetro.ai. Components: Perimetro Platform (operator panel, mobile app, edge runtimes Aero/Tower/Connect, API). Exclusions: external vendors (Vercel, Google Workspace, Cloudflare) — please report directly to them.

Rules

  • Do not attempt to access other users' data.
  • Do not perform load testing or DoS without prior consent.
  • Do not publicly disclose vulnerabilities before disclosure coordination is complete.
  • Standard coordination period: 90 days from confirmed report.
  • We honour a hall of fame for reporters (anonymous or with name — your choice).