CYCOGS® Website Vulnerability Disclosure Policy

Unsplash Armed Vulnerability Policeman

Please review our additional information in the CYCOGS® Company Website Legal Information Portal.

At this place you will find additional information covering the CYCOGS® Company Privacy Policy Statement and Privacy Notice, the use of Website Cookies, the Website Terms of Use and Disclaimer document, and End User Security Policy. 

The CYCOGS® Company Website Vulnerability Disclosure Policy covers Testing and Disclosure of security issues found on the CYCOGS.com website. 



We hope this provides guidelines for submitting potentially harmful and unknown security vulnerabilities discovered with the CYCOGS Company website. 

The CYCOGS® Company website is a secure, certificate based, Digitally encrypted HTTPs website.  If in doubt, CYCOGS.com is hosted at IP address # 69.167.149.99.  Customer data is not stored on this website and correspondence dealing with the Vulnerability Disclosure Policy (VDP) reporting with the CYCOGS® Company is to be done by E-mail, which is also not stored on this website. 

The CYCOGS® Company will not use your name, address, telephone or email information (your personal information) for purposes other than to contact you. 

CYCOGS Authorization:


The CYCOGS website utilizes a security.txt file, which refers to this CYCOGS Website Vulnerability Disclosure Policy page.  The security.txt file briefly covers four directives:  "Contact Information",  "Encryption Information",  "Disclosure Information"  and "Acknowledgement Information."  This file enables and allows security professionals and researchers to easily report security vulnerabilities to the CYCOGS Company. 

Please note that presence of our "security.txt" file in our website does not grant permission for security testing. 

Any such permission must be obtained in writing before any security testing or probing.  The CYCOGS Website Vulnerability Disclosure Policy allows for the reporting of incidental security issues found in the routine use of the web site.  (Such as “I clicked here and this issue came up.”)  It does not allow active or passive testing and to probe for security vulnerabilities. 

CYCOGS, LLC reserves the right for legal action against anyone in the general public, including corporate and government entities, that conducts vulnerability and penetration related activities that represent a bad faith effort to disregard our policy.  (IE: hackers trying to break in.)

CYCOGS Information on Website Vulnerability Disclosure and End User Data Security testing and reporting. 



Reporting a Website Vulnerability:


If you have a security issue or incident, or you have discovered a vulnerability to report and you submit a vulnerability report, you must know and acknowledge you will have no expectation of payment and that you expressly waive any current or future payment claims against the CYCOGS LLC Company.  (We will not pay for this reporting.) 

If you choose to submit a report, to coordinate with you, we will need your contact information.  Our website is devoid of customer information, and we do not require PGP-encrypted emails for vulnerability communications.  Our communications will be handled as openly and quickly as possible.  Please note, CYCOGS, LLC does not give you any permission to publicly disclose such communications, nor any permission to publicly disclose the security vulnerabilities or issues. 

This policy applies to the following systems and services:

*.CYCOGS.com (and any other sub-page or domain of CYCOGS.com) 

Any other CYCOGS website or service not expressly listed here, are excluded and are not authorized for testing. 

Any vulnerabilities discovered in other systems such as from the CYCOGS website ISP or other vendors, are not part of this policy and should be reported directly to that vendor according to their disclosure directive or policy.  (Start with their security.txt file.) 

Please refer to the https://CYCOGS.com/CYCOGS-EMailing page and use the “Web Master” E-mail address for the reporting.  We do accept anonymous submissions;  all submissions must be in English. 

We will prioritize submissions as we triage the impact of the reported issue.  We will not accept and do not solicit submission of excessive quantities of weak and low-quality reports. 

We recommend you detail the area or location the where the vulnerability was discovered and any estimated potential impact of such an exploit.  If possible, include compressed screenshots or web page  “View source”  code snippets. 

Our Response at CYCOGS:


If you sent your contact information with your report, we would acknowledge receipt of your report and would respond to the issue quickly and if possible. 

We will try verifying the existence of the vulnerability, and if you sent your contact information with your report, we will let you know the steps we used to remediate the issue for its resolution. 

CYCOGS Required Information:


We will need the location of the issue, hostname and URL.  For example:  https://CYCOGS.com/CYCOGS-Website-Vulnerability-Disclosure-Policy  

What is the vulnerability and potential impact? 

Please provide a description of the steps in detail needed to reproduce the vulnerability on our end. 

If possible, include compressed screenshots or web page  “View source”  code snippets. 

If you share your contact information, CYCOGS can contact you about the submission. 

CYCOGS Guidelines:


Any such permission must be obtained in writing before any security testing or probing.  The CYCOGS Website Vulnerability Disclosure Policy allows for the reporting of incidental security issues found in the typical use of the web site.  (Such as “I clicked here and this issue came up.”)  It does not allow active or passive testing and to probe for security vulnerabilities. 

Please notify the CYCOGS Company if you discover a security issue.  Routine reporting on potential issues, but for real actionable issues, we ask for submission as soon as possible. 

The CYCOGS LLC Company expressly forbids and does not authorize:


Unsolicited testing and probing for a vulnerability’s presence.  The Website Vulnerability Disclosure Policy for the CYCOGS Company does not condone using exploits against our web site. 

You may be prosecuted if you attempt to compromise or exfiltrate data, establish command line access, disrupt normal web site processing or use an exploit to reach into other systems.  Furthermore, any test that affects the web site performance like Network Denial of Service (DoS or DDoS) tests or any other activity that could damage, impair or alter the CYCOGS system, web site pages or our data is forbidden.  In addition, this includes our E-mail system and telephone communications with attempted social engineering exploits  (such as phishing, vishing).  Any unauthorized physical presence on or in our facilities or properties under the premise of Physical Testing will be considered and reported as trespassing for starters.  Visitors are not allowed to explore unattended and such activities as checking for unlatched/open doors, connecting to IT systems, photographing the facility is also considered and will be reported as trespassing.  This prohibition extends to CYCOGS, LLC vehicles (on or off our properties), personnel in public areas (like attempted cell phone hacking at an airport) to CYCOGS property at public venues like AI Robot shows or at customer sites. 

If you discover and/or verify a vulnerability exists, you are not allowed or authorized to access any such sensitive data.  Sensitive data include passwords, security tokens, session keys, database data not available to the public, personal or company identifiable information, financial, trade secret or other non-disclosed propriety information.  If you encounter sensitive data, you are to stop your assessments, remove and dispose any such data off your system or from other parties’ systems cooperating with you on this assessment, and you are forbidden to disclose this sensitive information with any other person or party.  This concludes the Website Vulnerability Disclosure Policy for CYCOGS.

Unsplash Gavel Vulnerability picture



For further Information on the Website Vulnerability Disclosure Policy for the CYCOGS Company web site or other policies, please see the CYCOGS® Company Website Terms of Use.
Legal issues related E-mails:  legal@CYCOGS.com

The CYCOGS® Company website is a copyright protected CYCOGS® Company evolving web document.