If you're a security researcher and have found a security vulnerability on GeoService (or on one of our other products, GeoCare or GeoSales), we encourage you to let us know straight away. We will investigate all legitimate reports and do our best to quickly fix the problem.
Keep in mind a few things.
- When you submit the details, we put it into the engineering cycle and will fix it as soon as we can, depending on severity.
- We are unable to let the security researcher however know when the issue will be fixed, or provide progress updates.
We recognise and are open to rewarding security researchers who help us to keep people safe by reporting vulnerabilities in our services. However, being a small startup, our ability to provide monetary rewards is limited, so understand that although sometimes we may be able to provide some kind of reward, we are more inclined to provide some kind of Geo Swag as a way of saying thanks.
If you would like us to send you something, please include a mailing address when you send across your information.