Security at Lumin Digital

Policy

Lumin Digital welcomes collaboration with security researchers who wish to make inquiries or send vulnerability reports using the responsible disclosure process. While our Terms of Use do not authorize any external party to perform vulnerability or penetration security testing against this website, should a security issue be observed, we ask for your assistance with responsible disclosure to:

  • Privately and securely report the issue
  • Collaborate with us to confirm the issue
  • Provide a reasonable amount of time for us to resolve the issue
  • Embargo the release of details until the problem is resolved

While Lumin Digital does not presently operate a bug bounty program or otherwise compensate those who report issues, we may acknowledge contributors who follow this responsible disclosure process, if they identify themselves and permit attribution.

We will acknowledge all reports as soon as we can, usually within 24 hours. Lumin Digital’s security team respects and supports the knowledgeable and talented security researcher community and appreciates all efforts to responsibly disclose issues.

Reporting Procedure

Please send an e-mail to [email protected] along with details that permit us to fully understand the issue you are observing, and if possible, with screenshots, logs, URL’s with parameters, sample output, or steps to reproduce the issue that we can use to validate your report and identify the root cause. Please also provide information that allows us to respond to you for additional questions, and, to the extent we can, to apprise you on our progress in resolving the issue. If possible, please provide your IP address to allow us to correlate your activity in our logs for further diagnosis.

You may send us encrypted emails by using our public PGP key and please do so if any information you send is confidential. We have published our key on public key servers and you will also find it reproduced below:

-----BEGIN PGP PUBLIC KEY BLOCK-----
xsFNBGZEzrABEACs6dwq/ZQlD1hQYMoJpws59Je7fJS00FoMnPZ6z6BCmPg6
wBL9VXmaaycSHsnfHDGOhUAJd504Py+6EAuq8NSkndjyIK7euwDBiOe8wQDj
tx2LTlO2GaaPDYME9wMUrpc1AeffajBPmKqz8qSlzQ06CbY5ucdwwiihKupD
AttpKnrN3pJ7k2cBMM/kUFvdd7AP0JvSa59OddSJ7sY2auH7FeSLIjlq524I
swDtOsYBAsfs4X5I7ZslQzSVN4sZJwWWlsTfUjgc7Fh7jLni0bAgk2t3ELqF
E5x4J2Ax9sVl0PZfhvWMMKSGUh+keLUyHi5gKqFBXlLN481ZeXlZEgA/SIv/
FetCi0QqxZ1blVLj1jAFDR/7V3IqqtKdF3RAlIalnz/bv2ZebNHwC81MqPXQ
pWD9b99L7GESSdFm63P8110laTEb8NbCObJr9OFtkOUK2rVCneNncOLfBrWx
L1HayRty5nIGow0RZBQr2NxhqVGmBN1HSnv1MMpMGtB49+m31il0Nupdnn/A
9Rynx45VcRizMakt/ke19oXQyCe+4SUymJHbZupNvuG5sLC2vdxT2Py09Fun
sezlJUEYk02Q9Np86DNy8A3BvHdn9CDiWysrCyyNblMJHBBFQUhGgGPvYFuf
EgEm0n6i4IR5V+HQ+eoqaxdRSGAlESMniHRJfwARAQABzTpTZWN1cml0eSBE
aXNjbG9zdXJlIDxzZWN1cml0eS1kaXNjbG9zdXJlQGx1bWluZGlnaXRhbC5j
b20+wsGKBBABCAA+BYJmRM6wBAsJBwgJkPTYnDgLljoNAxUICgQWAAIBAhkB
ApsDAh4BFiEEhmva4wqshK3WxHOu9NicOAuWOg0AAH5nD/4qvvTu/VEGjmQT
ks+SkOGGhR/wCPDOp62HBIi5JBvCTt3WbtSB6DsXc7BHDFol4AaBtV4VZa/L
It2NjirsRUBXJzi3n4icxQ8L3y6GrNIvs+SK7p7sqB/giZT/kcUAQSKyQBI2
EZwa1NYRy88WxDzHmPoXOtZTEOJHGRIk1gvtlRF/HkzSb0QjQplD2nO//kct
1vz4mqm0PWd0tEbcMRE0Rfqy8wbYqXhodIobajT/rFySfdDnK19FzsgiRD8c
rKrkD7zCB89wdqXfKkv9poaz+pnDijX1oaY6WjSkfhAGtJ6vmbBlP1zQdMBk
Fl64Xk7OlE1H8Kg3YLkjAJMKxrpRcApYRzwlBrXDaOEXSsllhXr+gtI2lvLo
AG84cw1LDU2kzcwWktycW17Fzrb5y5tKCmdmn/gVAd+HnKmpAzbQQT7V8ok2
8xnb9aKf8rOoAqRcGxBM4PlUxCOcFWRHrGEQSVO8+2Nn0WzfZ+1vltEEm0Lb
CrlC6s6SuVEj1DJ8WgQHCVdOkt8PG0ZDsrOAEeHm3SfgpAn12bmT2s5cL6GX
n3+eYqPkrUuzLGe8Qh/OUSXwRYv2i9uCFdiSRjy46JGBEWWHQY4ZcXZ8b1tn
i9dovAzHi83cFQXGa+qseCTtkxOdHKN+hi86gOmIIKJx57HZBRjYROiF1RvV
srpHUeYwE87BTQRmRM6wARAAp2fHsW7cZu57qzj1E/RPPWanHE3eXtHWxOcO
6/Sb0kRMS+zUI8J9VD+GfYHPgPNFePZfhD0KPYppwOB9B7oKgPzK5rXf61Uw
E5WFIkeRnl2+2jEJOW5O7hl6kXUsKW35AoSaMKpueoR1WNkgdHGQTpM4B20W
TX+4EUyzijK4LYxEKeQnOG8ICJgKQU1t3pbSJ5rR5KySeF+W+bCnUuQBADxd
3Iab3rDDABgiywlG1alrc6NqI8S+c829iIK9MexLRPfOcriSX6wuE5UbR54I
ddkGSWVsr+CUql5xdpbvaA8kKd3Yvu/74SYY2ZbPZbC6KQqXRIDE56qURpAw
IuVvFp2DJwsrBozECQsjfg5DnCwuQn4QzI0HTUecxi1Bay7rRTW1Pb4Dzop8
M4uxiM8Jw0wqUntREDIeiQVyMriU4aQLeYPOqWX3zTsyAO1inZPsNGT6BD0H
4bgxcCn/71KPQgMYmT4mQXScrh2bQcLOqGcKTF4vAM/RRInhCZ6obh/p9B/G
NDSxzyzbTUbsBOCmruIivQ7HD2UtYQ7cY8Mq3hHSPNrWlEKZvHfMLa+dBDCf
rZ7euSLbo2P7ej4jh8ksh6gLMfoNMJh30mweiUjGRnsUL2t090ZW3+SsBfEl
1WrGmtgdVoBpUDjqFMqaaZna7olN1DbP+8Nu8dXKHgqS50UAEQEAAcLBdgQY
AQgAKgWCZkTOsAmQ9NicOAuWOg0CmwwWIQSGa9rjCqyErdbEc6702Jw4C5Y6
DQAAVBUP/22EWkdiiuClEtiXZnIL1zktHQ6POzA1ih1xfNFom/E8v6eXiwnl
i3xFst1eyxoT7wdUwmS/fWGJPx9k6aRmcp3YkzrV/Pi6kyH2TfZkmatwwwa8
OW3ULoItrTDIgXzz0qcq/3hXBLfDKrNHerMBdF+ILCa0KHhydNE0xfpuOras
21MWWjsV3tJHrfiKip2LDjB6BNL261niduNRuojCdfwNlSxSZS6xpl6febP2
qc9QglWeKv/juwh3V8NEx6J1qYF6R0gw9hzpAPAFpK/Wxw7XLsuKnENC/Dkr
Wf3q4pp2if9s9s25mbrbo6aDLg2c0j5JKleMBnwnTvHyg6gI3CyKlsMSdny1
jwU7EbvUpH/bZV4u9lO9QXmTYBwxHsNQRCkFAfSbfb551Y63vPEKOMwatkuw
CfcQsHY8lw+PbkA9cLaE9CtUTGVGD9rZO5KqK2PaHzBlS/oHcr3fTv73QSRW
u0Exo80nHb1Nv1+OwaOP/SEmaHKHEKnppX/VsytR6NCTkTxPohII3NhXyaz6
qWGvqz3kfHwPl8WEPa6WJ1UG3QG0LO9KhqJ/qa7dTbCvekQvjS4g7kZmX3CU
rYEegKfCUZWqGKUbDCZWPB8nMxyLwQW6Ni6PaPTX72x0/RoO+eJ/RcNsJenA
kVRudw3Jz0hA3Qi9sxa7qhz0+/8W4BAL
=Ghp7
-----END PGP PUBLIC KEY BLOCK-----

Acknowledgements

  • Mehul Bharat Lunagariy
  • Yash Vilas Chavhan
  • Bhaskar Tejaswi
  • Nikhil Rane
  • Gourav Sankalle