Responsible Disclosure Policy

Effective Date: January 1st, 2025
Last Updated: March 1st, 2025

At XWIDE Business Solutions (XBS), we take the security of our systems, data, and users seriously. We are committed to protecting our platform and services from vulnerabilities and appreciate the responsible efforts of security researchers and ethical hackers who help us maintain a secure environment.

If you have discovered a security vulnerability in our website (www.joinxbs.com) or any related system, we encourage you to report it to us responsibly. This page outlines the rules, guidelines, and process for reporting vulnerabilities.

1. Scope

This policy applies to security vulnerabilities discovered in:

  • www.joinxbs.com and all its subdomains.

  • Any publicly accessible system owned by XBS.

  • XBS APIs and related integrations.

  • XBS customer portals, login pages, and forms.

This policy does not cover:

  • Social engineering attacks (e.g., phishing, impersonation).

  • Physical security vulnerabilities.

  • Third-party platforms that are outside XBS’s control.

  • Denial-of-Service (DoS) or Distributed Denial-of-Service (DDoS) attacks.

2. How to Report a Security Vulnerability

If you have identified a vulnerability, please follow these steps to report it responsibly:

  1. Send an Email: Contact us at hello@joinxbs.com with the subject line: Security Vulnerability Report.

  2. Provide Details: Include a detailed description of the vulnerability, including:

    • The affected URL or system component.

    • Steps to reproduce the issue.

    • Any proof-of-concept (PoC) code, screenshots, or logs.

  3. Give Us Time to Respond: We aim to acknowledge all reports within 5 business days and will work to resolve valid security issues as quickly as possible.

  4. Do Not Publicly Disclose: Allow us a reasonable amount of time to investigate and fix the issue before making any information public.

3. Responsible Research Guidelines

To ensure ethical security testing and avoid any legal implications, please adhere to the following guidelines:

  • Act in Good Faith: Do not exploit vulnerabilities beyond necessary testing to prove their existence.

  • Do Not Access Private Data: If you discover sensitive information, report it immediately without accessing, modifying, storing, or sharing it.

  • Do Not Disrupt Services: Avoid actions that could impact the availability or performance of our services (e.g., DoS attacks).

  • Respect User Privacy: Do not attempt to access other users' data or personal information.

  • Comply with Laws: Ensure your security research does not violate any applicable laws or regulations.

4. What You Can Expect from Us

When you report a security issue responsibly, we will:

  • Acknowledge receipt of your report within 5 business days.

  • Investigate the vulnerability and keep you updated on the resolution process.

  • Take necessary action to fix valid security issues promptly.

  • Recognize your contribution (if permitted) by listing your name in our Hall of Fame or offering a token of appreciation.

We do not provide monetary rewards or bug bounties at this time.

5. Legal Safe Harbor

XBS will not take legal action against individuals who:

  • Follow this Responsible Disclosure Policy in good faith.

  • Avoid any malicious activities or exploitations.

  • Refrain from disclosing vulnerabilities publicly before we have resolved them.





However, if we determine that an individual has acted maliciously, engaged in unauthorized access, or violated any laws, we reserve the right to take appropriate legal action.

Contact Us

If you have any questions or need further clarification, please contact us at:

Email: hello@joinxbs.com

Website: www.joinxbs.com

We appreciate your efforts in making XWIDE Business Solutions a safer platform for all users. Thank you for your contribution to security!