<aside> 🛡️

Kayno Labs Bug Bounty Program

We welcome responsible disclosure from security researchers acting in good faith.

</aside>

Overview

Kayno Labs is committed to maintaining the security, confidentiality, and availability of customer data and AI systems. This Vulnerability Disclosure Program establishes a formal process for reporting, triaging, remediating, and documenting security vulnerabilities in alignment with SOC II Trust Services Criteria.

Policy objectives

• Provide a secure and documented channel for vulnerability reporting
• Ensure timely triage and remediation of reported issues
• Protect customer data and platform integrity
• Maintain audit-ready documentation for compliance purposes
• Support continuous security improvement

Scope

This program applies to systems owned and operated by Kayno Labs, including:

• kaynolabs.ai
• Douglass web application
• Public APIs
• Official infrastructure under Kayno Labs control
• Cloud-hosted production and staging environments

Out of scope

• Third-party SaaS providers not controlled by Kayno Labs
• Denial of Service testing