UnboundCompute runs only against systems a customer is authorized to test and has explicitly placed in scope. Scope and rules of engagement are agreed before any testing begins.
We recommend pointing it at a staging or pre-production environment first, so testing happens away from real users and live data.
To do its work, the system processes the application's requests, responses, and the evidence behind a finding. We aim to handle the minimum needed to reproduce and prove a result.
Findings and their evidence are treated as confidential to the customer they belong to and are not shared across customers.
The system follows a governed loop: it designs each test against an authorized baseline, prefers read and verify over destructive actions, and records what it did so any finding can be replayed.
A confirmed crossing is delivered as a recorded request, the unexpected response, and a repeatable proof, not as an unverified guess.
If you believe you have found a security issue in our own website or systems, please tell us before disclosing it publicly, and give us a reasonable chance to fix it. We will work with you in good faith.
Report to riyan@unboundcompute.com.
Security questions, scoping, or disclosure:
UnboundCompute is in private access. This page describes our posture and will grow as the product does.