Report a Vulnerability

Protecting our customers’ data is a responsibility that Anonyome Labs takes seriously. We recognize the valuable role that independent security researchers play in Internet security. As such, we welcome reports of all security vulnerabilities in Anonyome Labs’ products or services.

Responsible Disclosure

We encourage you to follow these responsible disclosure guidelines, and request that you not disclose your finding publicly until a fix or workaround has been provided by Anonyome Labs. Please send your report via email to security@anonyome.com.

Vulnerability Reporting Guidelines

  1. Provide sufficient detail on the steps to reproduce the issue, any code samples you wish to share, applicable screen capture or video, sample packet capture and other details that could facilitate our identification and verification of the problem.
  2. You can use the PGP key at the bottom of this page to encrypt sensitive information.
  3. Do not publicly share information related to the vulnerability until Anonyome Labs has released a fix.
  4. Allow a reasonable timeframe for Anonyome Labs to address the vulnerability and release a fix. Specific timeframes will be estimated during our assessment of your report.

Anonyome Labs’ Commitment to You

  • We will acknowledge your report within 24 hours of when we receive it.
  • We will work closely with you to understand your report and validate the security vulnerability you are disclosing. We will aim to provide you at least one update per week.
  • The information you share with Anonyome Labs as part of this process is kept confidential within Anonyome Labs. It will not be shared with third parties without your permission.
  • We will notify you when the vulnerability has been resolved and a release plan has been determined.
  • If we cannot validate and reproduce the issue in your report, this will also be communicated to you.
  • We will publicly acknowledge your responsible disclosure if you wish. We also respect your right to anonymity if you prefer.
  • If applicable, Anonyome Labs will coordinate public notification of a validated vulnerability with you. When possible, we would prefer that our respective public disclosures be posted simultaneously.

For the protection of our customers, Anonyome Labs does not disclose, discuss, or confirm security issues until a full investigation is complete and any necessary patches or updates are available.

PGP Public Key

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBFnTV/gBEAC7ORhL6LWj7OkLV/Sm4hd3+5/Qv7Wto1o/iGr/vAb20GO7tjED
0KPEq+8/fI7PJIts/e0WCLzD0gcrcktBPnBIYPI+xWfFAULAKaxVt+cAV/r2AZht
H//2uNJUiQY/YXs3LqvvJyRFOJGgQCjm8XhSmZ60/gSZvufdpuMI93wJ56jJZPc3
EVRmoasBcG2eLh4F+3kVxRuFwdFDATurkZ2oZpXuQzCm3hG+dRG9bpj7xB9fYtxI
s/5NckuElcBXVq6g/wNYwKpHmlrukLz+RKz5RPFcFDRNlcQhd/aqrC8wNyID/b0G
5mRV22wQzSc/zk5K/GhelgoaqgNRNgo9Y1E7nfpaP8Jwo194tzzMncAq4swAXdMc
F+9+08aZzdUWnJCaJ0Mjx+kPt19/FBKJDgpqUtdMxnBF1yIATrm4TCXA7fDX27MN
wkf1hmjED+DLqsE1UtuwwGA5w4yDWhuH+lbeMydbz5ODv1f4SKyBQGiypibFTmtV
dLmFDez1awsouuioT10t/yb7k6j/hSxuWY5arkpatzmk7+UhVz/d0YMNERccq46k
RV7gU+oIEfjZPUaaZO3Vkl6pI+NSPF59fb1Y6bj/KSK4lsLidWw5tabHWXEogoO3
/f0fHtMFZPExr6/4Lj3qL/gplnI9LE6B4VgJVvPRRF6VuD2LOyjDnZ9WuQARAQAB
tEFBbm9ueW9tZSBTZWN1cml0eSBWdWxuZXJhYmlsaXR5IFJlcG9ydGluZyA8c2Vj
dXJpdHlAYW5vbnlvbWUuY29tPokCVAQTAQoAPgIbAwULCQgHAwUVCgkICwUWAgMB
AAIeAQIXgBYhBNrpJpqcfAw2ZbG9a3V2zeagZSbsBQJhXnNwBQkLTYJ4AAoJEHV2
zeagZSbs3QsP/36lTsn1DHF4XV68T4HKG4B3zdJuq4unsijZc+0fS1k3Dhz7JSYV
UWARp4/S19ppDdolXei7BAJ/e0sXutgrsCQCmZdZLfZAv4MGZIfKmB728tjUXlJF
/RiomoIROCPkOGx72z6KvghcGoYtqLobCI74ZNOE4xaNy9XOe2l2fG7UJeeDRei8
jbYlInfhz6ylUVZPj0unAm1NO0Lvq37NIAUo9hhjC9lVo10giMV+06cC4V9pjQNt
vKSIrnNe1mALLWi/mKLNNXI5l+RDKfEVzQEquWJaNFZhfUaNI83CTOgARPTy5R8G
sR6TlWvz/R5+QPsSR74OtizR+/vooXzsmEguFR0lP2AYHnckh0CFxJ7pRADCqPDl
xosKXFu9KZykM670zi5y8DZeb+yK6Raa43+Uob6nE6BBdryOGgA+XEgVU300fqu8
5kp/yMIxLTOkAfd5Vjp0Y/rZ8nj7XOpuCM78orgOkmCYZiH70gfQw90Ac6Ubcn6s
21jfjIF0uWUuTkVB7jTY6Zr4rjbQ9T8zJT6Zt56j0TJ8YYA4hx5faLdX/CMzmKB1
TklBSvJRRd2wiPGQYYaDaWqM40Hkn+9QTkJG6D4PMKukhIiowDhRV6zjfcQYfXT5
qb3z25UVd2t71BETSsiAkN4xbxtMduK4CaNqCM5D2oA+FEAZX+L1+WkJuQINBFnT
V/gBEAC6kWJX5+XBUU5kJVwXLGd6AgKFS9FnjhKDKJsj3q6KST86B/8kkJW1QQ5Q
spXmMV0F0WHgNJ47dIFWrcKwscF2WcnyIfbG4w0hQAkATEi8RcDiWz+8OZxNOFJl
9CNYQHQjSbV3sJmvMMbMGjwN9esCnfxUXrzB9m/WIoy2DP1FGR9ZRbvJ5kiZI5E4
8n2QCz1PSHsJU2OY3a1gtOMO3au10ni5qCVKglboVBhUYw7nJhSDaM+WQHMPUj/a
v0Bgb5+plIkTQgo9IXFUx3ChX+Qohuntvn7jGUpF9/JrPVF9A4Bvp/XUadYTzjwV
3BvmvGSBsfoAor5zAgIsY0YabgCDtf2Qo7kUOwgFWKlPCBDR7d7UsFvcRRBtsIbl
ulR1sriAvMnZrmdz4MRictZ5cHT4/Z15D9mN/owJ2Rtg2GT1q5hsm70z9Rm1ILaU
xP4YA6opsk5zFk9b7NNHBJ9r4X8MaCYjI9Yoph0uSpSepI6skWfyzCN6Nc6xTfqs
BC8ZbesXofZuvQnjQFB90MFCtKubjE0CexeruOyTsTtmhAm/bq3ofyObxn125A+Y
EXomTVZ8zGzNiVUeZNPT5ZafoC0Vb0Q7fPzutFIfXJjLpAiA7uWnk44J1DA12hdF
06FSeJ5rNlXUiwHJQXJ9NncB9LpMPt0hQNatvP2drrqAiFY4EwARAQABiQI8BBgB
CgAmAhsMFiEE2ukmmpx8DDZlsb1rdXbN5qBlJuwFAmFec4sFCQtNgpMACgkQdXbN
5qBlJuyKxQ/+PuxqvF48m3yYSPYmQXGxW4leLlktpjyUzlIHm+tA5Rf++bhBWLrx
JWNRu/wIEZOi6Fp+dCJ0pWn00IPh+Ex/HUBht0x1jtkE/beY0btcwJj2DLzsdE7P
V+iv+fH5ZtU/ThP6FtgXZrjtqS+770OSFi6QZAq33fqmz0S6jU8KWHjrqdw5vKoa
mpSDli1r2T8OcCiPnQ6c1shPQl2F79vpWrtJpxmv97W95bfaIGLykPeaZ0FmS8kT
3H0082cRHZuABu+/7US/oDvTbUU+Pavo64JEo4Y5v4iHR2K8ucl/hVAXfHIR9bWv
LBHLOE8L357i47xJhaOLMY9K63dOkjmOXctctnMSS5BqdnTY3AvYcn11Eqf/KQZr
xP7tuOGzIyAvOJj7f43Yf32suh5yTN6VkJIdOKSzyXtv0bFK44MgEI0Opl8P2VZO
sJyMVNuk8UkvrI/gtkZV98u+vL4DhIn/r6HpoZ5QgA8ZQUafhNmn/Ie6NFjK/FcM
EkOjoLifcXbstRAVg5aN3kQpITWOhh/n1zEgcOhECzhvJgEjDH1j5rBE2/JoVuMO
27IZk8tYYp2HdOeHVzBNXMKKq1MvjErW7XsCmwJv8R6pbmxMBzntF5N6xTJt6Bm2
EhdKVe/W5IBPwB4dJad+E/nHqA6WoHOCFRRD78/hGpWi0E4an9TA8WQ=
=AKnE
-----END PGP PUBLIC KEY BLOCK-----

    Hall of Fame

    Anonyome Labs thanks the following people for working with us to improve the security of Anonyome sites and services:

    Sreedeep CK Alavil

    Dhiyaneshwaran B.

    Sayan Chatterjee

    Vikas Gupta

    Mohammed Israil

    Sajan Kr Mishra

    Rabsun Sarkar

    Ismail Tasdelen

    Pranshu Tiwari

    Gourab Sadhukhan

    Souvik Mondal

    Raajesh G

    Kinshuk Kumar

    Amit Kumar

    Shubham Panchal

    Sheikh Rishad

    Karan Rathod