Lazaretto is a security product, and we hold ourselves to the same standard we ask of the artifacts we inspect. If you have found a vulnerability in our service, or believe we returned a wrong result, we want to hear from you.
Email security@lazaretto.dev. Please include enough detail to reproduce: affected endpoint or URL, steps, and any request/response evidence. For sensitive findings, ask us for an encrypted channel before sending details.
Lazaretto is a signals provider. If we returned malicious or flagged on
an artifact you publish and you believe it is wrong, use
disputes@lazaretto.dev. A missed detection (a false
negative) is equally welcome at the security address above — both make the product better.