Certly is committed to working with security experts across the world to stay up to date with the latest security techniques. If you have discovered a security issue that you believe we should know about, we'd welcome working with you. Please let us know about it and we'll make every effort to quickly correct the issue. We accept reports about our beta software and GitHub repositories (@certly).

Don 't report or attempt

• Physical attacks on us or our infrastructure
• Attacks on third parties
• Mail server misconfiguration
• DNS server/record misconfiguration
• SPF/DKIM misconfiguration
• Version disclosures
• TLS misconfiguration

Automation
Do not run automated scanners. Your IP will be blocked and you may be barred from participating in this program. If you use or copy and paste a report from an automated scanner, you will be blocked from reporting future bugs.

Thanks
We believe in recognizing the work of others. If your work helps us improve the security of our service. we 'd be happy to acknowledge your contribution. Monetary rewards are not yet given.