Responsible Disclosure

Our Philosophy on Security

We believe everyone should be safe & secure and this includes our services. This is why we run a bug bounty program at Hedgehog Security. While we are security engineers, penetration testers and researchers ourselves, sometimes stuff happens. If you have found a security vulnerability in any of our web applications or services such as [secure], we appreciate your help in responsibly disclosing the details to our team.

Reporting a Vulnerability is Simple

If you believe you’ve discovered a security vulnerability in one of our applications or services, please email us at or use the form below. If you would like some guidance on how to detail your submission, we have a blog post on that very subject here.

We will respond as quickly as possible, usually within 24 hours. To help us fix the issue faster, please use these guidelines when sending your report:

  • Provide Lookout with full details of any discovered issue.
  • In the best interest of our users and their data, please do not publicly disclose the issue until it has been addressed by Lookout.
  • Never purposely disrupt services for other users.
  • Never attempt to access or modify data from other users.
  • In order to keep everyone safe, please act in good faith towards our users’ privacy and data during your disclosure. We won’t take legal action against you or administrative action against your account if you act accordingly.

Reporting Form

If you would rather use a web form, please use the form below.