Security response

We appreciate your concern #

Keeping customer data safe and secure is a huge responsibility and a top priority. We work hard to protect our customers from the latest threats. Your input and feedback on our security is always appreciated.

Reporting security problems #

For security vulnerabilities and other urgent or sensitive reports, please email our Security team. If you feel it necessary, use [our public key][pub] ( 5216B5D28D2E161A7F98D372FF96FA687153E3C1 ) to keep your message safe and please provide us with a secure way to respond. We'll respond as soon as we can. Please follow up or ping us on Twitter if you don't hear back.

For requests that aren't urgent or sensitive: submit a support request.

Tracking and disclosing security issues #

We work with security researchers to keep up with the state-of-the-art in web security. Have you discovered a web security flaw that might impact our products? Please let us know. If you submit a report, here's what will happen:

  • We'll acknowledge your report.
  • We'll triage your report and determine whether it's eligible for a bounty.
  • We'll investigate the issue and determine how it impacts our products. We won't disclose issues until they've been fully investigated and patched, but we'll work with you to ensure we fully understand severity and impact.
  • Once the issue is resolved, we'll post a security update along with thanks and credit for the discovery.

Our products are built on the Django framework. The issue you reported might affect Django, Python, or some other part of our technology stack. We ask for your patience while we also make sure other companies and their customers are protected. Either way, you'll always have a Netlandish contact for your issue.

Bounties #

Netlandish is a tiny company. At the time of this writing we are only 5 people in total. We are happy to offer bounties but please understand that as a small company they will probably to be smaller than you may be used to. We are also open to free accounts on our products as partial bounty payment should you be interested in such an offer.