Our Responsible Disclosure Policy
Quantstamp holds deeply the trust that our customers place in us. Therefore, the security of our platform is of utmost importance to us. If you are a security researcher and have discovered a security vulnerability in one of our services, we appreciate your help in disclosing it to us in a responsible manner. Quantstamp will engage with security researchers when vulnerabilities are reported to us in accordance with this policy. We will validate and remediate vulnerabilities in accordance with this policy. Quantstamp reserves all of its legal rights in the event of any noncompliance.
Quantstamp runs a bug bounty program for many of our services. We encourage security researchers to share the details of any suspected vulnerabilities with the Quantstamp Information Security Team by sending an email to [email protected].
In reporting any suspected vulnerabilities via email, please include the following information:
- Detailed information with steps for us to reproduce the vulnerability
- Your email address
- Whether you would like to be considered for our bug bounty program