Vulnerability Disclosure Policy

We run our vulnerability disclosure program on HackerOne. It is currently a private, invite-only program, but will open up for public later.