Vulnerability disclosure
Found something? Tell us.
Coordinated disclosure
Email [email protected] with technical details, reproduction steps, and impact assessment. PGP key at /.well-known/security.txt.
Our commitment: Acknowledge within 24 hours. Triage within 72 hours. Resolution timeline communicated. Recognition in our security hall of fame.
Bug Bounty (active)
Critical
$5K-$10K
High
$1K-$5K
Medium
$250-$1K
Low
$50-$250
Incident response
If something goes wrong.
1
Detect
24/7 monitoring with automated alerting. SIEM aggregates logs from every service.
2
Contain
Affected systems isolated within minutes. Access revoked. Tokens rotated.
3
Eradicate
Root cause analyzed by security + engineering. Patches deployed.
4
Communicate
Customers notified within 72 hours of confirmed material incident.
5
Postmortem
Public postmortem published. Process improvements committed to and tracked.