Vulnerability disclosure

Condens is committed to ensuring the safety and security of our customers and employees. We aim to foster an environment of trust, and an open partnership with the security community, and we recognize the importance of vulnerability disclosures in continuing to ensure safety and security for all of our customers, employees and company.


How to Submit a Vulnerability

To submit a vulnerability report to Condens’s Product Security Team, please utilize the following email security@condens.io. If you prefer to submit the report anonymously, please use a protected, disposable email to send the report.


What we would like to see from you: 

  • A well-written report in English ideally including proof-of-concept code to equip us to better triage.

  • Details of how you found the bug, the impact, and any potential remediation.

  • Please include any plans or intentions for public disclosure.

  • Please refrain from testing and/or contacting us regarding obvious things like email enumeration, email bombing, acount name validation, iframe click jacking and similar.

What you can expect from us:

  • A timely response to your email within 10 business days at latest.

  • After triage, we will send an expected timeline, and commit to being as transparent as possible about the remediation timeline.

  • Notification when we completed the vulnerability analysis.

  • Credit after the vulnerability has been validated and fixed.


Didn't find what you're looking for? Send us a message and we'll get back to you.