Security and Vulnerability Reporting

We want to keep Pareto Security safe for all users. Publicly disclosing a vulnerability can put the entire Pareto Security community at risk. If you've discovered a vulnerability in the system, we appreciate your help in disclosing it to us in a responsible manner.

Most security issues we receive are fixed and resolved within 24 hours. For more information read our disclousure policy.

Independent Third-Party Audits

We also put the platform through regular third-party audits to check for vulnerabilities in the system.

Vulnerability Reports

All current vulnerability reports and official audits, ordered by date of disclosure.

Date Reporter Vulnerability Resolution
September 2021 Missing /security.txt Published a signed security.txt file at
February 2022 User Browser Security Headers for are not set Added appropriate browser headers to get "Grade A" on

Contact Us

If you found a vulnerability in the system, please contact us and provide as much information as possible following our disclousure policy.

See code on GitHub