Del Security

Del Security — "Nothing to Hide."

0-day research and security frameworks.

We discover undisclosed vulnerabilities, develop custom security tooling, and operate a private vulnerability submission program — with precise execution and trusted partnership from intake to closure.

Our Services Submit a vulnerability Get in touch
Transparency Precision Trust Partner-ready

We deliver transparent processes, detailed technical outcomes, and reliable partnership at every stage.

Services Overview

View all services

Technical Framework Development

Custom security frameworks, tooling, and methodologies — engineered with precision for your environment.

Vulnerability Research

Discovery and analysis of 0-day and undisclosed vulnerabilities with reproducible validation and partner-ready reporting.

Vulnerability Submission & Evaluation Program

A private channel for submissions, triage, validation, and structured coordination.

Trust Snapshot

NDA-first onboarding and least-privilege access for sensitive engagements.

Controlled validation environments with non-destructive PoC policies.

Encrypted communication channels and PGP-supported submissions.

Responsible disclosure coordination with partner timelines and embargo alignment options.

Read Trust & Compliance

Vulnerability Submission

Submission details

For Partners

Structured reports designed for engineering action: reproducibility, impact context, mitigation guidance, and practical validation details.

  • Partner communication channel with timeline coordination.
  • Embargo options and retest support.
  • Clear technical artifacts for internal patch workflows.

For Researchers

Rapid triage, discreet communication, clear acceptance criteria, and encrypted submission guidance. We keep milestones visible and expectations explicit.

  • Typical triage response within 24-48 business hours.
  • PGP-supported communication for sensitive details.
  • Reproducibility and evidence-focused evaluation.

FAQ

What does a partner-ready report include?

Reproduction workflow, impact framing, affected versions, mitigation options, and evidence from a controlled validation environment.

Can timeline and embargo be coordinated?

Yes. We coordinate responsible disclosure timelines with partners and product teams, including embargo windows when appropriate.

Do you offer retest support?

Yes. Retest can be scheduled to verify fixes and document residual risk before final closure.

What makes a submission actionable?

Clear scope context, reproducible steps, observed impact, affected versions, and supporting artifacts such as logs or PoC notes.

Can I submit discreetly?

Yes. We accept discreet submissions and support encrypted communication through our PGP key for sensitive exchanges.

Do you guarantee compensation?

No guaranteed amounts are offered. Evaluation is case-by-case based on impact, novelty, reproducibility, and affected versions.