If you have an issue with a charge on your credit card, please do not read this page. This program is for software researchers, and our engineering team cannot access donor information such as credit cards and cannot refund charges. If you are looking at this page because you want to cancel a contribution, please contact our customer service team at or by using the contact form.

We’re committed to working with the developer and security communities to identify any vulnerabilities and ensure that our platform is as safe as can be.

If you want to bring a technical issue to the attention of our software security team, send an email to GPG-signed mail is preferred; you may use our public key to encrypt any potentially sensitive information.

We'll try to respond within 2 business days. If you do spot a real, live security bug in production (as determined by us), you’ll win yourself a bounty of $1,000 (and perhaps a job interview).

Please contact us first to introduce yourself if you think you have multiple issues to report. Also, please do not engage in any automated scanning or crawling without getting in touch first.

Sites hosted by third parties, such as our blog, tutorial/FAQ, mailing list, and social media accounts, are not within the scope of this program.