Hopp til innhold

Responsible Disclosure

Our Commitment to Security

At Vespa.ai, we take the security of our products and services seriously. We value the contributions of security researchers who help us identify and address potential vulnerabilities. This Responsible Vulnerability Disclosure Program outlines how security researchers can responsibly report potential vulnerabilities to us.

We encourage security researchers to report potential vulnerabilities they discover in our products or services through our dedicated program on Intigriti. We are committed to working with researchers to investigate and address reported vulnerabilities in a timely and responsible manner.

 

How to Report a Vulnerability

Please submit your vulnerability reports through our Vulnerability Disclosure Program (VDP) in collaboration with Intigriti.

When submitting your report, please include as much detail as possible, including:

  • A clear description of the vulnerability
  • Steps to reproduce the vulnerability
  • Any potential impact of the vulnerability

Bug Bounty

We currently do not have a public bug bounty program. All reports should be made through our VDP. We may award a bonus for any accepted issues. The amount of any award will be based on the quality of the report and the severity of the issue.

 

Our Commitment to Researchers

We value the contributions of security researchers and are committed to working with them in a responsible and collaborative manner. We will:

  • Acknowledge receipt of your report within 3 business days
  • Keep you informed of the progress of our investigation
  • If you have followed the guidelines and rules of engagement as described above, we will not take any legal action