Responsible Disclosure of Security Vulnerabilities

Security is something we prioritize at Blue Canvas. We believe that security is a process – it’s more than just firewalls and password rotation. Security is also about culture and policies. At Blue Canvas, we have set out to build a security-literate and conscious culture from day one. This ranges from the way we think about hiring and training, to the vendors that we select, to how we implement our systems.

Reporting Vulnerabilities

You may contact us with any security concerns, or security suggestions at security@bluecanvas.io

  • Please include as much information as possible in your report, including a way for us to reproduce the issue. “Proof-of-Concept” programs, tools, or test accounts that you’ve created are welcome.
  • Please do not make your research or findings public (or share them with anyone) until we have had an adequate time to investigate and deploy a fix. We will notify you when the security vulnerability has been patched.

Learn More

For more information about how Blue Canvas protects customer data, read our Security Documentation.