Submit bug report: http://statuspage.io@statuspageio
Policy
StatusPage takes security very seriously, and we thank all of the white hats in our community for their research and assistance. Below you will find our responsible vulnerability disclosure policy, as well as multiple methods to get in contact with us.
How to disclose an issue
The StatusPage.io disclosure program is managed through BugCrowd. To see the terms of the program and participate, go to BugCrowd and sign up as a tester. You will need to accept the StatusPage.io terms of service to engage in testing. If you have identified a vulnerability, please report it via BugCrowd to be eligible for a reward.
Visit the BugCrowd portal for the StatusPage.io bounty program.
Sensitive disclosures
If during the course of your testing you need to disclose an extremely critical vulnerability - remote code execution, private key leak, etc - you may contact us directly via secured email, private phone call, or in-person meeting. Please use these communication mediums judiciously.
Email: security@statuspage.io (must be encrypted with pgp)
Phone: +1 (855) 787-7446
Physical: please get in touch to arrange an in-person meeting
Policy:
https://bugcrowd.com/statuspage
