Security Vulnerabilities Disclosure

We are eager to learn about security vulnerabilities and gaps you may know about and commit to their remediation and continued improvement.

 

When it comes to the information security of our customers, we are always on the lookout for new and better ways to improve our service and product at RiseUp. Our information security team is happy to listen, get feedback and improve with your help. 

 

We encourage disclosure of any security vulnerabilities, gaps and concerns that can affect our service, product, websites, information security and privacy of our users. 


We make a commitment to remedy any finding that can pose a risk to riseup or our customers.

How Does it Work?

Once you reach out to us about potential security concerns or vulnerabilities, we will respond to your email and acknowledge them within three business days (earlier, most likely). Please collaborate with us while preserving the privacy, integrity and ethics, for all parties involved, for our customers - particularly so.

Good to Know

We do not operate a Bug Bounty reward or recognition program at this time. Please note that this information on this page is in now way an invitation or consent to attack, testing or abuse of our service or products. RiseUp employs tools and independent 3rd-parties for testing, inclusive of penetration testing, vulnerabilities scanning and assessments. 

 

Please keep all discussions with us confidential.

Vulnerabilities Disclosure Policy

Combined-Shape-Copy-3.png

Please report any vulnerabilities and security gaps you are aware of as soon as you are able.

Combined-Shape-Copy-3.png

Please allow RiseUp a reasonable time to act to assess and remedy reported vulnerabilities, before you share or talk about them with others.

Combined-Shape-Copy-3.png

Act in good faith and make good and reasonable efforts to avoid compromise of customer and RiseUp privacy, integrity and availability of services.

Kindly Avoid the Following

no_icon.png
no_icon.png
no_icon.png
no_icon.png
no_icon.png
no_icon.png

Denial of Service attacks

Bruteforce attacks

Phishing or Spam email

Social Engineering attacks

Attacks targeting our customers, partners or vendors

Physical attacks, deceptions, tampering and abuse of our offices, employees or customers

Kindly report any vulnerabilities or security gaps to: security@riseup.co.il 

Thank you for helping keep our customers and RiseUp safe!

DrorEinavriseup3056.png

Alexander S. Getsin, CISO@RiseUp