Working with security researchers
Testing our security? Report vulnerabilities through our disclosure programme
At Networkapp, part of Inscene Company BV, we believe in continuous improvement. That is why we encourage professional security researchers and ethical hackers to test the security of our platform, APIs and app.
Think you have found a vulnerability? Please report it directly to security@networkapp.com so that we can work with you to resolve it confidentially. For a valid first report, we will of course recognise your contribution by adding your name to our hall of fame.
Guidelines for researchers
What is in scope?
The Networkapp app for iOS and Android, app.networkapp.com, our API, the dashboard and the website. Third-party support and chat modules are excluded.
How should you report a vulnerability?
Send a detailed step-by-step description, optionally including non-public videos or screenshots, to security@networkapp.com. We will respond within three working days.
Ground rules
Do not perform automated scans, disrupt our systems through methods such as DDoS attacks or brute-force attempts, or access data belonging to other users. Public disclosure may only take place in consultation with us and after the fix has been deployed.
Not eligible for recognition
Reports concerning missing HTTP headers, DNSSEC, clickjacking without a working exploit, or outdated software versions without evidence of a functioning exploit are not eligible for inclusion in our hall of fame.