Thank you for your concern
Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our subscribers from the latest threats. Your input and feedback on our security is always appreciated.
Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our subscribers from the latest threats. Your input and feedback on our security is always appreciated.
Please report security vulnerabilities via our contact e-mail addresses below. We’ll review your report and get back to you as soon as we can, usually within 72 hours.
Please e-mail our Security team if you have questions about the bug bounty program or don’t hear back from us within 72 hours.
Security e-mail: security@airmail.news
We work with security researchers to keep up with the state-of-the-art in web security. Have you discovered a web security flaw that might impact our products? Please let us know. If you submit a report, here’s what will happen:
Bounties range from USD $25 to $1,000 and scale according to impact and ingenuity, from an unlikely low-sensitivity XSS to a deep, novel RCE. One per bug; first discovery claims it; ties break toward the best written report.
The following areas are most important to us:
The following areas are considered out of scope and not eligible for a bug bounty:
The scope of security reporting is also limited to our domain at airmail.news. No other domains are within this scope.
We respect the time and talent that drives new discoveries in web security technology.
Adapted from the Basecamp open-source policies / CC BY 4.0