A dedicated team of Shapers work round-the-clock to keep Shape’s products and customer information secure from attackers. However, we also recognize the important role independent researchers and the security community play in detecting emerging threats and new vulnerabilities. As a security-focused company, we are committed to addressing and reporting security vulnerabilities through a collaborative effort with security enthusiasts to provide the best product offerings for our users.
To report a vulnerability detected in Shape’s website, IT infrastructure, or its offered products, please reach out to firstname.lastname@example.org by including all relevant vulnerability details along with a descriptive set of instructions to reproduce the vulnerability found.
We request the security community to allow us to fix any identified vulnerabilities before releasing the information publicly while adhering to the following:
Shape’s security research experts will analyze the information provided by you and will follow the responsible disclosure policy guidelines as stated in the ISO/IEC 29147:2018 policy to timely remediate the vulnerability, and provide assurance to the stakeholders involved. Appropriate remuneration will be offered in the event of a successful bug disclosure.
Shape is committed to providing best in-class security solutions and strives to foster a collaborative community with security researchers and enthusiasts.