Invisible.io Announces Sales
Acceleration Platform RevenueGrid
Vulnerability Disclosure Policy
Invisible takes security, trust, and transparency seriously. We appreciate the work of security researchers. We have developed a program to make it easier to report vulnerabilities to Invisible and to recognize you for your effort to make the Internet a better place. This policy provides our guidelines for reporting vulnerabilities.
Our focuses on security research are listed as ‘in-scope’ with their priority indicated.
The applications listed under ‘in-scope’ are explicitly eligible for the report program. Any design or implementation issue that substantially affects the confidentiality or integrity of user data is likely to be in scope for the program. Common examples include:
While this list represents our primary focus for security research, we are interested in reports for all of our software and dependencies, especially if it impacts reasonably sensitive user data. This can include any open source libraries, software, or third-party components.
The applications listed under ‘out of scope’ are explicitly ineligible. We will not disclose vulnerabilities reported regarding out of scope applications.
In addition, the following issues are outside of the scope of our program:
Any issues already known to us. These vulnerabilities are considered out of scope.
To report a vulnerability to Invisible, please email: [email protected] All aspects of this process are subject to change without notice and to case-by-case exceptions.