Responsible disclosure policy
Geckoboard aims to keep its service safe for everyone, and data security is of utmost priority. If you're a security researcher and have discovered a security vulnerability in the service, we appreciate your help in disclosing it to us in a responsible manner. In return we promise to investigate reports promptly.
While we encourage you to discover and report to us any vulnerabilities you find in a responsible manner, the following conduct is expressly prohibited:
- Performing actions that may negatively affect Geckoboard or its users (e.g. Spam, Brute Force, Denial of Service…)
- Accessing, or attempting to access, data or information that does not belong to you. If you want to test cross-account access please signup for additional trial accounts
- Destroying or corrupting, or attempting to destroy or corrupt, data or information that does not belong to you
- Attempting non-technical attacks such as social engineering, phishing, or physical attacks against our employees, users, or infrastructure.
When in doubt, contact us.