Mavenlink makes the security of our product a top priority and we value the role the security community plays in this process. If you believe that you've found a potential security issue in any of our products, please let us know right away. We're committed to working closely with anyone with a desire to help keep users safe. We investigate all reports.
If you give us a reasonable amount of time to respond, verify, and fix your report before making any information public, and you make a good faith effort to avoid privacy violations, destruction of data, or degradation of our service during your research, we will not bring any lawsuit against you or ask law enforcement to investigate you.
Please do not submit the "Request a Demo", "Request Access", or "Live Chat" forms, as they require time from our support and sales teams. Testing of these features is outside the scope of our Responsible Disclosure Policy.
The following domains are in scope for this Responsible Disclosure Policy:
Vulnerabilities in scope include:
Please note that the following techniques and issues are not currently in scope:
The following domains are not currently in scope:
We are mainly interested in specific security bugs. While you are welcome to submit "best practices", chances are that we are already aware of and have considered them.
In order to test our full feature set, we recommend signing up for a free trial Premier account __.
We believe in giving credit where credit is due. If our customers end up more secure as a result of your work, we'll credit your discovery in our Security Hall of Fame. We may also offer small bounties at our discretion.
If more than one person submits the same issue the recognition will go to the first reporter. Please see the HackerOne guidelines for more info.
Mavenlink delivers enterprise-grade Software as a Service (SaaS) that transforms how businesses work with distributed teams, contractors and clients around the globe. Mavenlink's innovative technology suite enables organizations of any size to successfully manage and scale their people, projects, revenue and profitability. Consulting firms, creative agencies and professional services teams in more than 100 countries are running their businesses more efficiently and more elegantly with Mavenlink. Learn more at www.mavenlink.com __.
This program have been found on Hackerone on 2014-06-02.