# Security Policy for signalplane.co (grc.engineering)
# Per RFC 9116 — https://www.rfc-editor.org/rfc/rfc9116

Contact: mailto:security@signalplane.co
Expires: 2027-04-12T00:00:00.000Z
Preferred-Languages: en
Canonical: https://signalplane.co/.well-known/security.txt
Policy: https://signalplane.co/trust.html

# If you find a vulnerability in our tools or infrastructure,
# please report it responsibly. We respond within 72 hours.
# Coordinated disclosure: 90-day window unless actively exploited.