Responsible Disclosure Security Vulnerability
Keeping customer data safe and secure is a top priority for us.
Please Disclose Responsibly
At Openpentest, the security of our users and our platform comes first. If you believe that you have discovered a potential vulnerability on our platform or in any APIs, site or service, we would appreciate your help in fixing it fast by revealing your findings in accordance with this policy. Going public with security vulnerabilities can elevate the level of risk, so we urge you to keep such matters private until they can be addressed.
What’s research and what crosses the line ?
We welcome information from white-hat researchers. Responsible actions and revelations regarding Issuu are not of legal concern. Nevertheless, the following actions are not acceptable and will be reported to the proper authorities:
- Seeking to modify or destroy data
- Seeking to destroy Infrastructure
- Seeking to interrupt or degrade the services we offer to users
- Seeking to execute a Denial of Service attack
- Please test only for vulnerabilities on app systems. Areas hosted by third parties (e.g., apps.openpentst.com) are outside the scope of this policy.
Hall of Fame
Following are individuals and organizations that helped the openpentest in improving the security of the Organization's systems, data, and services by reporting security issues and vulnerabilities discovered.
- Florian Kunushevci