How do I report a security vulnerability?

Thanks for your interest in keeping BandLab a friendly and welcoming community for everyone! The privacy and security of our community are our top priority, and if you've discovered any potential vulnerability, we want to know about it!

It's important to note that we do not have a bug bounty program in place. Our team is always testing all aspects of BandLab including enhancements to our security measures. As such, we do not offer a monetary reward for those who bring any potential bugs to our attention. However, if we receive information that has not previously been discovered by our team, you may qualify for a small finder's fee. We do not sign agreements with any person or group regarding services to find these, and your findings do not guarantee a payout.

If you believe you have found a vulnerability not previously discovered by our team, please follow the steps below:

  1. Reach out to our team via email at support@bandlab.com with the subject "Security vulnerability found" along with the date so we know this is an active case to consider
  2. Include a short description of the issue and how it was discovered
  3. Include step-by-step instructions for our team to verify the issue
  4. Include a screenshot or short video if this issue is reoccurring and easily identifiable

We will follow up via email with details if the issue is currently being resolved, has been previously identified, or has been confirmed and not previously discovered. Thanks in advance for your help!

2 out of 3 found this helpful