Click here to view important information about Water Billing online payments.
Select Page

Report a Security Vulnerability

Report a Security Vulnerability

Security vulnerabilities may be reported by email to: security@humbletx.gov

What to Include in a Report:

  • Your name and contact information
  • The affected website, system, application, or service
  • A description of the suspected vulnerability
  • Steps to reproduce the issue
  • Screenshots or supporting evidence (if available)
  • The date and time the vulnerability was discovered
  • Any known impact or risk

Responsible Disclosure Expectations

The City requests that anyone report a vulnerability:

  • Avoid disrupting City systems or public safety services
  • Do not access, modify, copy, delete, or disclose data that does not belong to you.
  • Do not perform denial-of-service testing.
  • Do not use social engineering, phishing, physical attacks, or malware.
  • Do not publicly disclose the vulnerability until the City has had a reasonable opportunity to investigate and address the issue.

City Review and Remediation

The City of Humble will review submitted vulnerability reports, create an internal tracking record, evaluate the reported issue, assign priority based on risk, and coordinate remediation with the appropriate department or vendor.

Reports involving Criminal Justice Information or CJIS-connected systems will receive priority handling and will be escalated according to City security procedures.

The City may contact the reporter for additional information when necessary and will provide updates when appropriate.

Good-Faith Reporting

The City appreciates good-faith efforts to improve the security of public systems. Reports submitted under this program help the City identify, evaluate, and remediate security issues before they can impact City operations or public safety.