Methodology

How evidence is collected, preserved, and presented on this site. Reading this page first is recommended for journalists, attorneys, and researchers.

Standards

This site adheres to the following sourcing standards on every page:

1. Primary sources only. Every factual claim links to a primary source: a CISA advisory, an NVD record, or an archived copy of a Gardyn public statement. Secondary press coverage is referenced but not relied on for factual claims.
2. Verbatim quotation, not paraphrase. Where Gardyn statements are quoted, they are quoted verbatim with quotation marks. Any paraphrase is marked as paraphrase.
3. Immutable archives. Every Gardyn page referenced is captured to the Internet Archive’s Wayback Machine. The capture URL and SHA-256 hash of the captured HTML are recorded alongside the citation.
4. Neutral framing. The site presents discrepancies between sources without characterizing them as deceptive, fraudulent, or willful. Readers are invited to draw their own conclusions.
5. Corrections welcomed. Any party, including Gardyn, may submit a correction via contact. Corrections will be processed promptly and noted with a dated correction log.

Chain of custody

For each archived document, the following are recorded:

• Wayback Machine capture URL (timestamped)
• SHA-256 hash of the captured HTML
• Local PDF copy hash
• Capture date and the maintainer’s access date

Where Gardyn updates a public document, the prior version is preserved alongside the new one with both archive links retained. The version history is part of the record.

Fair use statement

This site quotes from copyrighted Gardyn materials only to the extent necessary for commentary, criticism, news reporting, and security research. Such use is consistent with 17 U.S.C. § 107 fair use principles. Quoted material is limited to the portions necessary to document the claim being made; full documents are referenced via Wayback links rather than reproduced here.

What this site does not do

• It does not publish secrets, credentials, or technical exploit detail beyond what CISA and NVD have already published.
• It does not collect, retain, or analyze any data drawn from the affected exposure.
• It does not characterize Gardyn’s state of mind. It documents the public record only.
• It does not solicit donations, sell advertising, or accept affiliate revenue.

Independence

The maintainer has no commercial relationship with Gardyn, with Gardyn’s competitors, or with parties currently litigating against Gardyn. The site is funded out of pocket. If this changes, it will be disclosed here.

Submitting corrections

To submit a correction, including a correction from Gardyn or its representatives, email corrections@gardyn-security-incident.info. Corrections are appended with a dated note rather than overwriting the prior text, so that the correction record itself is part of the public archive.