- abide by our terms of service
- avoid the use of automated testing frameworks
- only perform testing with your own data
- include a proof of concept on how the vulnerability could be exploited
- do not disclose any information regarding vulnerabilities until we have a fix in place
Report a vulnerability
You can report vulnerabilities by contacting security@sequencehq.com.
Bug bounty scope
We’ve defined the scope of the bug bounty to exclude some services which are not critical to business or pose no risk to our customer data, or which we consider not suitable for the program at this time.In scope
- our dashboard and APIs, and other content hosted on the https://eu.sequencehq.com subdomain.
Not in scope
- https://www.sequencehq.com
- https://docs.sequencehq.com
- Phishing or social engineering, or otherwise trying to engage Sequence employees
- Denial of service attacks
- DNSSEC warnings