Breach Horizon
Coordinated disclosure

Security disclosure policy

Breach Horizon is a passive public-surface scanner. We welcome reports about the website, APIs, and scanner output that help keep the service accurate and safe.

What to report

  • Vulnerabilities in breachhorizon.com, its API endpoints, or report rendering.
  • Scanner behavior that appears intrusive, unsafe, or materially inaccurate.
  • Data exposure involving submitted domains, contact forms, or report requests.

What not to send

Do not send secrets, credentials, private keys, internal network data, or third-party personal data. Do not run intrusive testing, exploitation, denial-of-service testing, spam, social engineering, or authenticated checks.

Response window

Send reports to [email protected]. We aim to acknowledge credible reports within three business days and provide remediation updates as appropriate.

See what attackers see — before they do.

Run the free passive scan, get a prioritized fix plan, and close the gaps yourself or have us do it for you.