Vulnerability Disclosure

Memset encourages responsible disclosure and feedback from the community regarding the security of our systems.

If you believe that you have identified a security issue in our systems please contact us on vulnerabilities@memset.com with a brief and general outline. We will get back to you as soon as possible with a key exchange to enable a more confidential conversation.

We will then work with you to confirm and mitigate the issue quickly and appropriately. To ensure there is no risk to our customers or infrastructure.

If you:

  • Avoid privacy violations, impact on customers or destruction of data
  • Don't DoS/DDoS us
  • Report to vulnerabilities@memset.com and work with us to confirm the issue
  • Keep the vulnerability confidential until we have confirmed a fix or mitigation

We will:

  • Work with you
  • Not pursue any kind of legal action
  • Collaborate with you, including recognition of your efforts

We don't maintain a formal bug bounty program but we recognise the importance of the security community. For the right findings we will consider a reward.