- As a security researcher, how do I report valid security bugs and/or security vulnerabilities on Clio's website?
- Clio Web App
We are happy to reward security vulnerabilities in our app (app.clio.com) that are novel to us and that can be used to gain additional, illicit access.
To responsibly disclose a security vulnerability to Clio, we ask that you e-mail us a detailed description of the security vulnerability at firstname.lastname@example.org
If you would like to ensure the vulnerability is read only by the Clio Security Team, you may encrypt it with the public key located at https://app.clio.com/security/security_at_clio_dot_com.gpg
The Clio Security Team will acknowledge receipt of your report and lay out next steps within two business days of receiving the report.
Complete details of Clio's Security Policy can be found at https://app.clio.com/security/policy.txt