# ============================================================================
# security.txt — RAYSolute Consultants
# https://www.raysolute.com/.well-known/security.txt
# ============================================================================
# Specification: RFC 9116 (Security.txt)
# Version: 1.0
# Last Updated: 2026-01-22
# ============================================================================

# Primary security contact for vulnerability reports
Contact: mailto:security@raysolute.com
Contact: mailto:aurobindo@raysolute.com
Contact: https://www.raysolute.com/security-report.html

# Expiration date (RFC 9116 REQUIRED field) - Max 1 year
Expires: 2027-01-22T23:59:59+05:30

# Canonical URL for this file
Canonical: https://www.raysolute.com/.well-known/security.txt

# Preferred languages for communication
Preferred-Languages: en, hi

# Security policy and responsible disclosure guidelines
Policy: https://www.raysolute.com/security-policy.html

# Acknowledgments page for security researchers
Acknowledgments: https://www.raysolute.com/security-thanks.html

# Hiring information for security roles (if applicable)
Hiring: https://www.raysolute.com/career.html

# ============================================================================
# ADDITIONAL INFORMATION (Non-RFC Comments)
# ============================================================================
#
# Organization: RAYSolute Consultants
# Industry: Education Consulting
# Website: https://www.raysolute.com
# Headquarters: Bengaluru, Karnataka, India
#
# Security Commitment:
# - We take security seriously
# - We respond to reports within 72 hours
# - We do not pursue legal action against good-faith researchers
# - We credit researchers who help us improve
#
# Scope:
# - *.raysolute.com
# - raysolute.com
#
# Out of Scope:
# - Third-party services
# - Social media accounts
# - Physical security
#
# Reporting Guidelines:
# 1. Provide detailed steps to reproduce
# 2. Include screenshots or proof-of-concept if applicable
# 3. Allow reasonable time for remediation
# 4. Do not access or modify user data
# 5. Do not disclose publicly before fix is deployed
#
# Expected Response Time:
# - Initial acknowledgment: 72 hours
# - Status update: 7 days
# - Resolution target: 90 days (severity dependent)
#
# Trust Signals:
# - This file is digitally signed (see below)
# - This file is served over HTTPS
# - This file follows RFC 9116 specification
#
# ============================================================================
# END OF FILE
# ============================================================================