Direct line
We route by topic. Pick the path that matches your situation below.
Response expectations
What brings you here?
Join the active cohort
Early access means you use the platform in its current development state and provide direct feedback on what matters most for your workflow. You get access to capabilities before they are public and influence what the next milestone prioritizes.
Program operators, consultancies, AppSec teams
If you run a bug bounty program and want cleaner submissions from hunters using RaSEC Hunt, or if you are a consultancy wanting to trial overnight agentic hunts on client engagements, or an AppSec team wanting to integrate into your SDLC — start with the partners page to understand which model fits your situation.
Platform vulnerabilities, not target bugs
For vulnerabilities in the RaSEC Hunt platform itself — not findings from a hunt on a third-party target, but actual bugs in our own application — we follow coordinated disclosure. We respond to verified reports within 5 business days and aim to patch critical findings within 30 days.
Platform and workflow questions
Many common questions are answered in the FAQ. If your question is not there, sign in and use the workspace to ask directly. We monitor the workspace actively and route questions to the appropriate team.
Expectations
We publish these response expectations because we believe in honesty over "we will get back to you shortly."
| Topic | Expected timeline | How it is handled |
|---|---|---|
| Critical security vulnerability | 5 business days acknowledgement | Immediate triage |
| Partnership inquiry | 3-5 business days | Direct conversation |
| Early access request | Cohort-based, not first-come-first-served | Usage-based invitation |
| General platform question | FAQ first, then workspace | Async workspace channel |
Contact quality
We do not have a public email address or a contact form that accepts everything. Contact channels are shared during onboarding and partner outreach to keep communications high-signal and secure. The fastest path for most situations is signing in to the workspace.
If you are a journalist, researcher, or academic studying AI-assisted security testing, press and research inquiries are routed through the workspace after account creation.
We do not respond to: cold sales pitches for third-party tools, unsolicited SEO proposals, "AI content" offers, partnership requests that do not reference a specific model on the Partners page, or scope expansion requests submitted outside the official program process.
We do respond to: genuine early access questions, verified vulnerability reports, partnership discussions that start with a specific and honest description of what you are trying to achieve.
