At Deepgram, we take security seriously. We appreciate your help in keeping our projects and community safe by disclosing vulnerabilities responsibly.

If you believe you've found a security vulnerability in any Deepgram-owned repository, please report it to us via email at [email protected].

Please include the following information:

1. Description of the vulnerability
2. Steps to reproduce the issue
3. Potential impact of the vulnerability
4. Any potential solutions you've identified (optional)

After you submit a vulnerability report, you can expect:

1. Acknowledgement: We'll acknowledge receipt of your report within 48 hours.
2. Validation: Our security team will validate the issue.
3. Resolution Timeline: We'll provide an estimated timeline for resolution.
4. Resolution: Once resolved, we'll notify you.
5. Recognition: With your permission, we'll acknowledge your contribution.

While this repository primarily contains documentation, we still take security concerns seriously:

• Code examples should follow security best practices
• API keys in examples should be clearly marked as placeholders
• Security-related documentation should be technically accurate

When contributing content to this repository, please follow these security best practices:

1. Never commit real API keys or credentials
2. Use placeholder values for sensitive information (e.g., YOUR_API_KEY)
3. Ensure code examples follow secure coding practices
4. Document necessary security considerations for any implementations

For security updates relating to Deepgram products, please refer to the Deepgram Developer Documentation.

Major security updates will be communicated through:

• Release notes
• The Deepgram Developer Newsletter
• Deepgram Community Discord

Thank you for helping keep Deepgram and our community safe!