The information on this page is intended for those interested in reporting security vulnerabilities to the BeyondTrust security team.
Data and product security are extremely important to us here at BeyondTrust. If you are a security researcher and you believe you have discovered a security vulnerability in one of our products or services, we would like to know about it so we can take steps to address it as quickly as possible.
To submit a security vulnerability to BeyondTrust, please e-mail your findings to firstname.lastname@example.org. Please be sure to encrypt your findings using our PGP key (found below), and include as much detail as possible in order to reproduce the problem. We will handle your report with strict confidentiality, and will not pass on your personal details to third parties without your permission.
A member of the BeyondTrust security team will make reasonable efforts to respond to your report within 5 business days. In most circumstances, the response will include an evaluation of the report and an expected resolution date. Occasionally, we may require additional information in order to validate the report.
During the resolution process, we will keep you informed of our progress. Once a fix has been released, we will attribute your name as the discoverer of the problem (unless you desire otherwise). Please note that BeyondTrust does not provide compensation or rewards for vulnerability discoveries.