At insta, we take the security of our code and systems seriously. If you believe you have found a security vulnerability, we encourage you to report it to us as soon as possible in a responsible manner.

To report a vulnerability, please email us at [email protected] with a detailed description of the vulnerability and steps to reproduce it. Please refrain from publicly disclosing the vulnerability until we have had an opportunity to address it.

We appreciate your efforts in helping us maintain the security of our software and will do our best to respond to and resolve reported vulnerabilities in a timely manner.

When you report a security vulnerability to us, we will:

• Confirm receipt of your report within [X] business days.
• Investigate the issue to determine its scope and severity.
• Develop and implement a fix for the vulnerability.
• Communicate with you regarding the status of the fix and any necessary steps you should take.

To ensure the safety and privacy of our users and systems, we ask that you adhere to the following guidelines when reporting security vulnerabilities:

• Provide us with a reasonable amount of time to respond to and address the vulnerability before disclosing it to the public or any third parties.
• Refrain from exploiting the vulnerability in any way that could harm our users or compromise the integrity of our systems.
• Provide detailed information about the vulnerability, including steps to reproduce it and any additional context that may be helpful for understanding its impact.
• Be responsive to any requests for further information or assistance from our security team.

This security policy applies to all software developed and maintained by insta.

If you have any questions or concerns about our security policy, please contact us at [email protected].