SECURITY VULNERABILITIES

Managing vulnerabilities makes us stronger

We protect you by investigating all vulnerability reports and working quickly to address any issues.

Security researcher tracking vulnerability reports

It all starts with transparency

We work with security researchers to detect, respond to, and recover from security vulnerabilities.

How we track vulnerability reports

We use Bugcrowd for our Bug Bounty program to triage all externally provided reports, make sure they are within the rules of engagement, and confirm the necessary information. If the report is valid, we reward the researcher and remedy the issue.

Found something you want to report?

If you believe you’ve found a product or website vulnerability, you can also reach out to us directly at [email protected]. (Note: To be eligible for Bug Bounty rewards, you must submit through the Bug Bounty program.)

Our process for remediating findings

When we get a report, we first attempt to replicate the reported vulnerability. Once confirmed, we work to remediate the findings according to industry best practice timelines. 

How we keep you informed

We use Security Bulletins to publicly disclose vulnerabilities in our products and how we’ve worked to solve them.

Security Bulletins

We publish Security Bulletins when vulnerabilities are reported.
You can then evaluate how the incident impacts you, and how to protect yourself.

We publish Security Bulletins when vulnerabilities are reported. You can then evaluate how the incident impacts you, and how to protect yourself.

webpage

Security Bulletin: updates

PDF

List of vulnerabilities/patches

Coming soon