Announces Sales

Acceleration Platform RevenueGrid

Vulnerability Disclosure Policy

Invisible takes security, trust, and transparency seriously. We appreciate the work of security researchers. We have developed a program to make it easier to report vulnerabilities to Invisible and to recognize you for your effort to make the Internet a better place. This policy provides our guidelines for reporting vulnerabilities.

Severity and Priority

Our focuses on security research are listed as ‘in-scope’ with their priority indicated.

In Scope

The applications listed under ‘in-scope’ are explicitly eligible for the report program. Any design or implementation issue that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. Common examples include:

While this list represents our primary focus for security research, we are interested in reports for all of our software and dependencies, especially if it impacts reasonably sensitive user data. This can include any open source libraries, software, or third-party components.

Out of Scope

The applications listed under ‘out of scope’ are explicitly ineligible. We will not disclose vulnerabilities reported regarding out of scope applications.

In addition, the following issues are outside of the scope of our program:

Known Issues

Any issues already known to us. These vulnerabilities are considered out of scope.

Contact Us

To report a vulnerability to Invisible, please email: [email protected] All aspects of this process are subject to change without notice and to case-by-case exceptions.