Fog Creek Security Policy
When you use our products, you want to know that your data is secure. Security is a top concern for us. We work hard to ensure we stay on top of the latest threats so that our products—and the systems on which they run—remain up to date.
Need to report a security vulnerability?
Contact us. When a potential security vulnerability is reported, it is handled with the highest priority until it is properly addressed.
Would you like credit for a vulnerability that you discreetly reported to us? Let us know and we'll be happy to mention you on this page.
Security information per product
Because the implementation details for each product are different, you can find the security policies for each of our products below:
Privacy and your data
Thanks to the following individuals for responsibly disclosing a security vulnerability in one of our products:
- Andy Mahaney - @andrewmahaney
- Edis Konstantin - edis.konstantini
- Kamil Sevi - @kamilsevi
- Yehia Mamdouh - yehia.mamdouh.98
- Ishan Anand (Zero-Access) - zero.access999
- Sahil Saif - bewithsahilsaif
- Nitesh Shilpkar - niteshshilpkar
- Monendra Sah - @mohitnitrr
- Tejash Patel - @tejash1991
- Mathias Karlsson - @avlidienbrunn
- Patrik Fehrenbach - @itsecurityguard
- Noman Ramzan & Zeeshan Haider - MLT Blogs
- Adam Ziaja - @adamziaja
- Muhammad Shahmeer - Shahmeer.1994
- Omer Butt - @omerbutt26
- Frans Rosén - Detectify
- Nakul Mohan - nakul.cia
- Jon of Bitquark - bitquark
- Tanoy Bose - TanoyBose
- Brad Wells