Public internet safety program

Secure the internet.

NullSquare identifies obvious, publicly visible security misconfigurations and privately notifies the organizations responsible for them.

Why you received a message

One of our automated agents observed a clear external signal on a domain associated with your organization. The message is a private notification intended to help your team review and reduce an exposed part of its internet attack surface.

What the program checks

The program is limited to obvious conditions visible from the public internet, such as an exposed service, open administrative interface, public development tool, directory listing, default deployment page, or similar misconfiguration that warrants review.

The agent gathers only enough context to identify the affected domain or service and explain the issue category.

What the program does not do

  • No password guessing, credential testing, or authentication bypass.
  • No exploitation, destructive testing, privilege escalation, or vulnerability chaining.
  • No collection of private files, customer records, source code, or authenticated content.
  • No publication, sale, or public indexing of discovered issues.

Privacy and data handling

Notifications are sent directly to an appropriate public contact for the domain. The detection session is discarded after the message is delivered, and NullSquare does not maintain a searchable database of findings from this program.

Minimal email delivery, abuse-prevention, and opt-out records may be retained separately. These records do not contain copied target data or exploit output.

Verify or respond to a notice

A legitimate Secure the internet message will never request credentials, payment, API keys, or access to your systems. You can reply to the message, request an opt-out, correct a contact, or verify its origin directly with NullSquare.

null@nullsquare.net
NullSquarePrivate notification. No public disclosure.