SECURITY VULNERABILITIES
Managing vulnerabilities makes us stronger
We protect you by investigating all vulnerability reports and working quickly to address any issues.
It all starts with transparency
We work with security researchers to detect, respond to, and recover from security vulnerabilities.
How we track vulnerability reports
We use Bugcrowd for our Bug Bounty program to triage all externally provided reports, make sure they are within the rules of engagement, and confirm the necessary information. If the report is valid, we reward the researcher and remedy the issue.
Found something you want to report?
If you believe you’ve found a product or website vulnerability, you can also reach out to us directly at [email protected]. (Note: To be eligible for Bug Bounty rewards, you must submit through the Bug Bounty program.)
Our process for remediating findings
When we get a report, we first attempt to replicate the reported vulnerability. Once confirmed, we work to remediate the findings according to industry best practice timelines.
How we keep you informed
We use Security Bulletins to publicly disclose vulnerabilities in our products and how we’ve worked to solve them.
Security Bulletins
We publish Security Bulletins when vulnerabilities are reported.
You can then evaluate how the incident impacts you, and how to protect yourself.
We publish Security Bulletins when vulnerabilities are reported. You can then evaluate how the incident impacts you, and how to protect yourself.
webpage