DroneDeploy

Vulnerability Reporting Policy

At DroneDeploy, we take the protection and security of our customer’s data very seriously.

We recognize the value of independent security researchers and encourage security research on the DroneDeploy platform. We are committed to working with researchers to validate and quickly respond to any vulnerabilities reported to us. We ask that vulnerabilities not be disclosed publicly until we have had a chance to address and validate the issue.

Please use DroneDeploy free or trial accounts for testing and limit your research to your own account. We do not permit the following actions while performing security research:

  • Accessing or attempting to access data or accounts that does not belong to you
  • Attempts to modify, destroy, or corrupt data
  • Executing or attempting to execute a denial of service attack
  • Sending authorized emails or other forms of electronic communication to users
  • Conducting a physical or electronic attack against DroneDeploy personnel or physical property
  • Any activity that violates any applicable laws or agreements

If you believe you have discovered a security vulnerability issue, please submit the details in a timely manner by sending an email to security@dronedeploy.com. Please provide full details of the incident and the steps to reproduce.

Vulnerability Reporting Policy