Sign in

Whitehat Support Tickets (security related issues)

Discovering Security Vulnerabilities

We encourage responsible security research of our services. We allow you to conduct vulnerability research and testing on our services to which you have authorised access. In no event shall your research and testing involve:

  • Accessing, or attempting to access, accounts or data that does not belong to you or your Authorised Users,
  • Any attempt to modify or destroy any data,
  • Executing, or attempting to execute, a denial of service attack,
  • Sending, or attempting to send, unsolicited or unauthorised email, spam or other forms of unsolicited messages,
  • Testing third party websites, applications or services that integrate with our Privacy Services,
  • Posting, transmitting, uploading, linking to, sending or storing malware, viruses or similar harmful software, or otherwise attempting to interrupt or degrade our Privacy Services
  • Any activity that violates any applicable law.

Reporting Security Vulnerabilities

If you believe you have discovered a security vulnerability issue, please share the details with us by sending an email to In reporting a potential security vulnerability issue you shall include the following:

  • An adequate description and information regarding the security vulnerability that will allow us to reproduce your steps and the issue
  • Your email address
  • Your name and Twitter handle as you would like us to publicly acknowledge your responsible disclosure

Any sensitive information provided in the email must be encrypted!

add information about our public key

Our security team will acknowledge receipt of your report within 24 hours, provide you with an estimated timetable for resolution of the vulnerability, notify you when the vulnerability is fixed, and, with your permission, publicly acknowledge your responsible disclosure.

Email communication between you and DPS, including without limitation, emails you send to us reporting a potential security vulnerability, should not contain any of your proprietary information. The contents of all email communication you send to us shall be considered non-proprietary. DPS, or any of its affiliates, may use such communication or material for any purpose whatsoever, including, but not limited to, reproduction, disclosure, transmission, publication, broadcast, and further posting. Further, DPS and its affiliates are free to use any ideas, concepts, know-how, or techniques contained in any communication or material you send to DPS for any purpose whatsoever, including, but not limited to, fixing, developing, manufacturing, and marketing products. By submitting any information, you are granting DPS a perpetual, royalty-free and irrevocable right and license to use, reproduce, modify, adapt, publish, translate, distribute, transmit, publicly display, publicly perform, sublicense, create derivative works from, transfer and sell such information.