Kadira __is committed to working with security experts
across the globe to stay up to date with the latest security techniques. If
you have discovered a security issue that you believe we should know about,
we'd welcome working with you. Please let us know about it and we'll make
every effort to quickly correct the issue.
THANKS
We believe in recognizing the work of others. If your work helps us improve
the security of our service, we'd be happy to acknowledge your contribution in
our Hall of Fame.
How to use Kadira
- Please use https://ui.kadira.io/ __to create your account
- We are using a lightweight client package __which needs to be installed on the application is being monitoring
- Please follow this guide __to get started with Kadira
- I recommend to use Telescope __Meteor application as the application is being monitoring with Kadira (Kadira is not responsible for the issues occurred on Telescope)
Scope
- We are looking for security issues on the Kadira web app located at https://ui.kadira.io/ __
- We are also looking at security issues with our client package __
- These includes all the communication happening in between client package, Kadira and the user
Out of Scope
- Issues on the http://support.kadira.io/ __. We are not maintaining that site.
- Issues on https://kadira.io __
- Automated tests against Kadira webapp or any of our underline services we used to communicate
- DDOS attacks against Kadira webapp or any of our underline services
- Social Engineering Attacks
- Phishing Attacks
- Issues on any application is being used with Kadira
- Interacting with other accounts without the consent of their owners
This program have been found on Hackerone on 2014-05-16.