Vulnerability Disclosure

Last Updated: November 8, 2024
Data security is a top priority for Kustomer, and Kustomer believes that working with skilled security researchers can identify weaknesses in any technology. If you believe you’ve found a security vulnerability in Kustomer’s service, please notify us; we will work with you to resolve the issue promptly.

Disclosure Policy

If you believe you’ve discovered a potential vulnerability, please let us know by using the form below. Keep in mind that reviewing and validating your findings may take some time. Please do not disclose or share details about the submission without explicit written permission from the Kustomer Security team.

In your testing, please make a good-faith effort to:

  • Avoid compromising privacy, destroying data, or disrupting Kustomer’s service.
  • Only interact with domains you own or those for which you have explicit permission from the account holder.

Exclusions

While researching, we’d like you to refrain from:

  • Distributed Denial of Service (DDoS) attacks
  • Spamming
  • Social engineering or phishing of Kustomer employees or contractors
  • Attacks against Kustomer’s physical property or data centers

Thank you for helping to keep Kustomer and our users safe!


Vulnerability Submission Form

Please provide as much information as possible to help us reproduce and resolve the issue. Including an email address is recommended for ongoing communication as needed.


Changes

We may revise these guidelines from time to time. The most current version of the guidelines will be available on this page.


Responsibility

The Kustomer Security team is responsible for enforcing this policy.

linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram