Security researchers are invited to investigate vulnerabilities in Glints, so long as their research follows this responsible research and disclosure policy.
If you find an issue involving security, please let us know as soon as possible, and we'll make every effort to correct the problem quickly if it's validated. It's against the Glints policy not to disclose information about a problem outside of the program without the Glints team's explicit permission.
By ensuring you agree to be bound by these rules by participating in this program:
- Any User data and Glints proprietary data are not leaked, manipulated, altered, modified and/or destroyed in any way.
- Only test against accounts you own yourself or with the explicit permission of the account holder.
- Automated/scripted account creation is not permitted.
- If customers need to be enumerated in bulk, reduce the amount of information you collect. A small sample will suffice for proving the concept.
Get started here: https://security.glints.com