TransIP Responsible disclosure policy

Security is a core priority at TransIP. We highly value the work of ethical hackers and security researchers who help us protect our systems and our users. If you’ve discovered a potential vulnerability, we would love to hear about it through the Intigriti platform 

Important: We only accept vulnerability submissions via our Intigriti bug bounty program. Reports sent via email or other means will not be eligible for a bounty. 

Why Intigriti?

Using Intigriti benefits both sides: 

• A secure and trusted platform for disclosure of vulnerabilities. 
• Structured communication and feedback. 
• Bounty rewards for accepted reports and easy payout. 
• Optional anonymity for researchers. 

By centralizing our vulnerability handling with Intigriti, we ensure a smooth, fair, and secure process for everyone involved.

Guidelines

We ask all researchers to follow these basic rules: 

• Do not exploit vulnerabilities beyond what is necessary for proof-of-concept. 
• Avoid impacting user data or privacy. 
• No social engineering or physical testing. 
• Keep your findings confidential until we’ve had a chance to fix the issue. 

If you play by the rules, we commit to: 

• Reviewing your report promptly. 
• Keeping you informed about progress. 
• Rewarding you when appropriate. 
• Never taking legal action against responsible researchers.

Scope

You can find the current scope and testing guidelines directly on our Intigriti page.