Responsible Disclosure Policy

Rollbar aims to keep its Services safe for everyone, and data security is of utmost priority. If you are a security researcher and have discovered a security vulnerability in the Services, we appreciate your help in disclosing it to us in a responsible manner.

Rollbar will engage with security researchers when vulnerabilities are reported to us in accordance with this Responsible Disclosure Policy. We will validate, respond and fix vulnerabilities in accordance with our commitment to security and privacy. We won't take legal action against or suspend or terminate access to the Services of those who discover and report security vulnerabilities in accordance with this Responsible Disclosure Policy. Rollbar reserves all of its legal rights in the event of any noncompliance.

Capitalized terms used in this Responsible Disclosure Policy and not otherwise defined have the meaning ascribed to such terms in our Terms of Service.

Testing

You may test only against an Account for which you are the Account owner or a Member authorized by the Account owner to conduct such testing. In no event are you permitted to access, download or modify data residing in any other Account or that does not belong to you or attempt to do any of the foregoing. You are also prohibited from:

  • executing or attempting to execute any "Denial of Service" attack;
  • knowingly posting transmitting, uploading, linking to, sending or storing any Malicious Software;
  • testing in a manner that would result in the sending unsolicited or unauthorized junk mail, spam, pyramid schemes or other forms of duplicative or unsolicited messages;
  • testing in a manner that would degrade the operation of the Services;
  • testing third party applications or websites or services that integrate with or link to the Services.

Reporting

Share the details of any suspected vulnerabilities with the Rollbar Security Team by sending an email to [email protected]. Please do not publicly disclose these details without express written consent from Rollbar. In reporting any suspected vulnerabilities, please include the following information:

  • Vulnerability details with information to allow us to efficiently reproduce your steps
  • Your email address
  • Your name as it should be displayed on this page if you would like it to be
  • Your Twitter handle or website as it should be displayed

Compensation Requests

Requests for monetary compensation in connection with any identified or alleged vulnerability will be deemed noncompliant with this Responsible Disclosure Policy.

Our Commitment

If you identify a verified security vulnerability in compliance with this Responsible Disclosure Policy, Rollbar commits to:

  • Promptly acknowledge receipt of your vulnerability report
  • Provide an estimated timetable for resolution of the vulnerability
  • Notify you when the vulnerability is fixed
  • Publicly acknowledge your responsible disclosure

Contributors

Rollbar thanks the following individuals and organizations that have identified security vulnerabilities in accordance with this Responsible Disclosure Policy:

2023

Sameer Shaikh

2022
Banavath Aravind
Sakshi Dilip Patil
Girish B O
Rahul Dhankhar
Satyam Singh
Vinit Lakra
Aniket Kamboj
Milan Jain(Scriptkiddie)

Kandarp Dave

2021
Armanul miraz
Kirti Kharb
Subhasis Datta
Kartik Khurana
Muhammad Usman Nasir
Ravi Kishor
Gaurang maheta
Jayalakshmi Ponnurangan
Mohd Asif Khan
Phaneendra bhargav
Shivani Singh
Kunal surya
Sohail Ahmed
Harinder Singh
Sachhit Anasane
Harshal S. Sharma
Vishwash Chavda

2020
Pritam Mukherjee
Sanjeet Mishra
Vyshnav Nk
Foysal Ahmed Fahim
Sohail Ahmed

2019
Alex Piechowski
Ratnadip Gajbhiye
Rashid

2018
Sameer Phad
Mitesh Patil
Pranshu Tiwari
Mike Jordan
Shameer Kashif
Rakesh Kirola
Amal Mohandas
Danish Tariq
Mohammed Israil

2017
Sam Giffney
Rowan Harrison
Mubassir Kamdar
Suyog Palav
Huy Kha
Zeel D. Chavda
Swapneil Kumar Dash
Muhammad Uwais
Nitesh Sharma
Shuaib Abidemi Oladigbolu
Pethuraj M
Raja Uzair Abdullah

2016
Deepali Malekar
Guilherme Scombatti
Mohammed Kaja Nawaz L J

2015
Pradeep Kumar
Shahmeer Amir
Manjesh S
Manikandan Rajakumar
Varun Chowdary
Hammad Qureshi and Huzaifa Jawaid
Mohammad Naveed
Osama Ansari
Hussain Adnan Hashim
Ranjeet Singh
Indrajith.AN
Rafael Pablos
Osama Mahmood
Dushyant Sahu
Sai Shanthan Palvai
Kalpesh Makwana