Responsible Disclosure Program
Scope
If you need Chartboost support, please refer to the Chartboost Customer Support page.
Chartboost is dedicated to providing a secure advertising and monetization environment for our partners. If you are a security researcher or an active partner of the platform, and believe you’ve found a security vulnerability or an exposure allowing for fraudulent activity that could adversely affect Chartboost or our partners or give an unfair advantage when abused, please let us know by contacting us through our Responsible Disclosure Program (RDP).
Rules for Chartboost’s Responsible Disclosure Program
Chartboost welcomes your security vulnerability reports, provided the guidelines below are followed when conducting your security assessment and research against our monetization and advertising platform, applications, and services.
You may set up secondary test accounts under your sole control for authorization testing. However:
- You must not attempt to perform malicious data destruction attacks against Chartboost or Chartboost Partners' data services.
- You must not violate an individual's privacy in conducting your research.
- You must not perform any network volumetrics attacks that adversely affect the reliability of Chartboost’s services, including but not limited to, DoS and DDoS.
Submissions
Security vulnerability reports for Chartboost and/or its affiliates may be submitted via the submission form below or our vendor’s crowdsourced submission platform to be considered for our paid bounty or points awards. Alternatively, if you prefer, you may contact our security organization via email, at Chartboost Security, to provide vulnerability information directly.