Security

Vulnerability disclosure program for EasyInsuranceQuotes.com.

Reporting a vulnerability

Email security@nazemoffplatforms.com with a description of the issue, the affected URL or endpoint, and reproduction steps. We acknowledge reports within 2 business days and aim to triage within 5.

Scope

The production website at easyinsurancequoting.com and any subdomain we operate.
The backend API at api.easyinsurancequoting.com.

Out of scope

Denial-of-service testing or automated scanners that generate traffic at meaningful volume.
Reports against third-party services (AWS, CloudFront, TrustedForm, CallRail, partner-agency systems).
Social engineering or physical attacks.

Safe harbor

If you make a good-faith effort to comply with this policy in the course of your testing, we will not pursue or support legal action against you. We treat reports confidentially and credit reporters (with their consent) once a fix has shipped.

security.txt

A machine-readable version of this policy is available at /.well-known/security.txt.