How do I disclose a security issue?

Disclose security issues

We welcome reports of issues or possible vulnerabilities as part of our responsible disclosure program. At this point, we don't run a bug bounty program.

If the nature of the security issue is sensitive, please provide the following:

  • Send us an email to and encrypt this message using our public PGP key.
  • Give enough detail to enable us to reproduce the flaw so that it can be remedied as soon as possible. The computer’s IP address or ICT system’s URL and a description of the security flaw is usually sufficient. The more complicated the flaw, the more detail we will require.
  • Leave your contact details so that we can contact you later. At least an email address or telephone number.
  • Report the flaw as soon as possible after discovering it.
  • Do not share any information about the flaw with others until it’s remedied.
  • Deal responsibly with the information in your possession. Do nothing beyond what is necessary to demonstrate the security flaw.

Tip: For more information check out our Responsible Disclosure Policy.

The integration security guide

Follow best practices to reduce security risks.

View integration security guide
The illustration of support agent wearing a headset.

Do you need additional help?

Contact our support team

Send us the details of your issue by adding images or screenshots.

Submit a request