Security

SECURITY.md

Security Policy

Reporting a Vulnerability

Please report security issues privately to:

support@sonuslearning.com

Include:

affected component/path
reproduction steps
impact assessment
suggested remediation (if known)

Response Targets

Initial acknowledgment: within 3 business days
Triage decision: within 7 business days
Remediation timeline: shared after triage based on severity

Disclosure

Please avoid public disclosure until a fix is deployed and users are protected.

Supported Surfaces

backend/ API and auth/session flows
sonus-react/ client runtime and admin surfaces
infrastructure-facing scripts used in production operations

There aren’t any published security advisories