How do I claim a Bug Bounty

Objective:

  • As a security researcher, how do I report valid security bugs and/or security vulnerabilities on Clio's website?

Environment:

  • Clio Web App

Additional Information:

We are happy to reward security vulnerabilities in our app (app.clio.com) that are novel to us and that can be used to gain additional, illicit access.

Answer:

To responsibly disclose a security vulnerability to Clio, we ask that you e-mail us a detailed description of the security vulnerability at security@clio.com

If you would like to ensure the vulnerability is read only by the Clio Security Team, you may encrypt it with the public key located at https://app.clio.com/security/security_at_clio_dot_com.gpg

The Clio Security Team will acknowledge receipt of your report and lay out next steps within two business days of receiving the report.

 

Was this article helpful?
This information is confusing or wrong
This isn't the information that I was looking for
I don't like this functionality