How to submit a responsible security disclosure
It’s good to know there are well-meaning security researchers out there checking sites for vulnerabilities.
As you’d expect, we’re super-confident in Snoop’s systems and data-handling and always working to keep Snoop ultra-safe and secure. But if anyone does spot anything that we should look into, we want to do that quickly and fix any problems straightaway.
‘Responsible security disclosures’ let you flag any security issues you think may affect the confidentiality, integrity or availability of Snoop's systems or data.
We’re keen to know about any potential vulnerabilities across Snoop’s apps or websites, including:
- Snoop's Android app
- Snoop's iOS app
- Snoop.app website
- Any affiliate site you think may affect Snoop
So we can get on the case quickly with any responsible security disclosures you submit, it would be a massive help if you could:
- Give us as much detail as possible, including and sources or references
- Include all steps needed to spot and exploit the vulnerability
And please:
- Don't break any laws
- Don't put any customer or Snoop data at risk
Any info you gather should be kept confidential and only used in your responsible security disclosure.
Two quick final things to mention:
- This reporting system is just for responsible security disclosures. We won’t reply if it’s about something else.
- Snoop doesn’t offer any financial incentive for responsible security disclosures.
That’s all we wanted to say up front.
To submit a responsible security disclosure, please email: securitydisclosures@snoop.app
If the contents of the disclosure are sensitive, please encrypt your message using the following GPG key (id: 0x697E0731, fingerprint: FA9E BADC F6FB D9F6 CB16 01A3 B005 6669 697E 0731)