Security Notice

Scanner transparency & responsible disclosure

About Our Scanner

Coruzen Security performs passive, non-invasive security checks. Our scanner:

  • Only makes standard HTTP/HTTPS GET requests
  • Does not inject payloads or attempt exploits
  • Does not perform brute-force or denial-of-service actions
  • Identifies itself with User-Agent: CoruzenSecurityScanner/1.0 (+https://security.coruzen.com/legal/security-notice)
  • Respects robots.txt directives

Blocking Our Scanner

If you wish to block our scanner, you may add the following to your robots.txt:

User-agent: CoruzenSecurityScanner
Disallow: /

You can also contact us at security@coruzen.com to have your domain added to our blocklist.

Responsible Disclosure

Found a vulnerability in Coruzen Security itself? Please report it responsibly to security@coruzen.com. We follow a 90-day disclosure policy.