security policy

security policy alzayat law firm Egypt's first international law firm

Security Policy

Alzayat Law Firm – Egypt’s First International Law Firm

At Alzayat Law Firm, we are committed to maintaining the highest standards of security and confidentiality in all aspects of our operations. Protecting the data and systems of our clients, partners, and our own infrastructure is of critical importance to us.

🛡️ Security Policy

This Security Policy outlines our commitment to information security, how vulnerabilities should be disclosed, and what actions we take to ensure data integrity, privacy, and compliance.

🔒 Our Commitment to Security

  • End-to-end encryption of data in transit and at rest.
  • Firewalls, intrusion prevention systems, and access controls.
  • Secure coding standards and code audits.
  • Cloudflare Web Application Firewall (WAF) and DDoS protection.
  • Regular updates and security patches to our infrastructure and website.

We continuously monitor for potential vulnerabilities and work with trusted security experts to prevent, detect, and respond to threats.

📢 Responsible Disclosure Policy

If you believe you’ve found a vulnerability in our website, systems, or digital infrastructure, we encourage you to report it to us as soon as possible.

We appreciate and respect ethical security research, and we’re committed to working with the security community to verify, address, and resolve any legitimate concerns.

To report a security issue, please email:
📩 [email protected]

Please include the following in your report:

  • A detailed description of the vulnerability.
  • The affected domain or system (e.g. alzayatfirm.com).
  • Step-by-step instructions to reproduce the issue.
  • Any supporting screenshots or logs.
  • Your contact information (optional, if you wish to be acknowledged).

We aim to acknowledge all legitimate reports within 5 business days.

🧾 Scope of Disclosure

This policy applies to all services and domains owned and operated by Alzayat Law Firm, including but not limited to:

  • www.alzayatfirm.com
  • Client portals or secure login areas (when available)
  • Email communication systems
  • Data storage and backup infrastructure

Vulnerabilities related to third-party services (e.g., social media platforms or payment providers) should be reported directly to those service providers.

✅ Legal & Ethical Guidelines

Please adhere to the following when testing or reporting vulnerabilities:

  • Do not attempt to access private data of other users.
  • Do not perform any action that could negatively impact our services (e.g., DoS attacks).
  • Do not use automated scanning tools that degrade site performance.
  • Do not share vulnerability details publicly until we’ve had adequate time to investigate and patch.

This policy supports responsible behavior and does not grant permission to probe or exploit systems beyond what is necessary to demonstrate a finding.

🤝 Recognition & Acknowledgments

We maintain a Security Hall of Fame to recognize individuals who help improve our security through responsible disclosure.

View our Security Hall of Fame

📜 Policy Updates

This Security Policy is reviewed regularly and may be updated at any time to reflect changes in our infrastructure, legal requirements, or best practices.

Last updated: April 17, 2025

📩 Contact Us

If you have any questions regarding this policy or require further clarification, feel free to contact us at:

📧 [email protected]
🌐 https://alzayatfirm.com