As part of our responsible disclosure policy, we partner with HackerOne to support researchers and continue to bring you the most secure environment possible.
Primarily, we do active threat hunting and monitoring as part of our risk management program. We also invite security researchers at-large to identify and report security flaws. Bonus, we pay you for finding notable issues that haven’t been reported.
Before and during testing against our environment, visit the HackerOne site to:
- Review the program details brief. Pay special attention to what's considered in-scope and out-of-scope targets. By identifying these critical issues, you're helping us make sure that Redox remains stable for all of our customers.
- Submit any bug reports. We don't consider issues reported outside HackerOne eligible for compensation.