At Carta we are committed to keeping our customers’ data secure and private. We take security seriously and to demonstrate that security is a priority to us we ensure that our Responsible Disclosure Policy allows the independent security researchers an opportunity to engage with us and notify us of potential security threats impacting the safety of our customers’ data. If you believe you have discovered a potential vulnerability that affects our services, please, let us know.
For any activity you conduct in accordance with the Responsible Disclosure Policy guidelines below, Carta will not take legal actions against you.
Do provide sufficient information to reproduce the problem, so we will be able to resolve it as quickly as possible. Please, fill out the form at the bottom of the page so we can intake and review your submission.
We will investigate any details you provide and respond as soon as possible, usually within three business days, and will keep you reasonably informed of the status of any validated vulnerability that you report through this program