Vulnerability Disclosure Program (VDP)

At Draft Alpha, our products are built with a customer-first approach, embedding the three core pillars of cybersecurity - integrity, confidentiality and availability - to safeguard sensitive data and uphold customer trust at every level. We recognize the valuable role that security researchers play in helping us maintain these pillars by identifying and reporting vulnerabilities. If you discover a security issue, we encourage you to report it to us responsibly.

Our Security Pillars

Confidentiality: We implement robust access controls, encryption, and secure data storage practices to protect sensitive information

Availability: We maintain redundant systems, backup strategies, and disaster recovery plans to ensure consistent service uptime

Integrity: We enforce robust authentication, authorization, and data validation processes to maintain data accuracy and trustworthiness

How to Report a Vulnerability

If you believe you have found a security vulnerability in our platform, please report it by emailing us at:

security@draftalpha.com

When submitting a report, please include:

A detailed description of the vulnerability, including the potential impact

Steps to reproduce the issue
Any relevant screenshots, proof-of-concept code, or logs

Responsible Disclosure Guidelines

We ask that you:

Act in good faith and avoid privacy violations, data destruction, or service disruption
Allow us a reasonable time to investigate and resolve the issue before publicly disclosing it
Comply with all applicable laws and regulations

Our Commitment

We will acknowledge receipt of your report within 2 business days
We will investigate the issue and provide updates on our progress
If applicable, we will credit you for your responsible disclosure (subject to our policy)

Scope of the Program

In Scope:

Security vulnerabilities in Draft Alpha's web application, APIs, and services

Out of Scope:

Social engineering, phishing, or physical security attacks

Denial-of-service (DoS) attacks
Reports related to outdated software without a working proof-of-concept exploit

We appreciate the efforts of security researchers in helping us keep Draft Alpha secure. If you have any questions, feel free to reach out at security@draftalpha.com.

Frequently asked questions

Simplify project planning, streamline collaboration, and boost productivity.

What is Draft Alpha?

Draft Alpha is a web application that helps UX teams create, manage, and scale consistent, on-brand product copy directly within their workflow.

Can I integrate Draft Alpha with other tools

Is Draft Alpha mobile-friendly?

What kind of support does Draft Alpha offer?

Can I try Draft Alpha for free?

Get Started

Take Your Product to the Next Level

Unlock consistent, on-brand UX copy at scale with AI

Book Demo

Brand Consistency