We build security platforms, and we expect to be held to the standard we sell. If you believe you have found a vulnerability in a Logara system, website, or platform, we want to hear from you — and we will treat your report with respect.
Email admin@logara.sa with the subject line DISCLOSURE. Include what you found, where, the steps to reproduce it, and its potential impact. If your report concerns sensitive data, say so in the subject line and we will arrange an encrypted channel before details are shared.
We acknowledge reports within one business day, keep you informed while we investigate, and tell you when the issue is fixed. We will not pursue legal action against research conducted in good faith within the scope below, and we credit researchers who wish to be credited.
Good-faith research means: no access to data beyond what is needed to demonstrate the issue, no degradation of service, no social engineering of Logara staff or clients, and no public disclosure before a fix is deployed. Testing against systems Logara operates for clients is out of scope — report what you observe, but do not probe further.
Findings without security impact (missing headers on static pages, version banners, clickjacking on pages with no state) are appreciated but unlikely to be prioritized.