Secure Reporting

SOCRadar Vulnerability Reporting

To submit a vulnerability report securely, please encrypt your report using SOCRadar’s public PGP key and email it to [email protected].

Reference files: security.txt · pgp-key.txt

Step-by-step PGP encryption instructions

  1. Import SOCRadar’s public PGP key from our website: 
    curl -sL https://socradar.io/.well-known/pgp-key.txt | gpg --import
  2. Encrypt your report file or message using SOCRadar’s public key: 
    gpg --encrypt --armor --recipient [email protected] --output report.txt.asc report.txt

    This command creates an ASCII-armored encrypted file named report.txt.asc.

  3. Email the encrypted content to the SOCRadar Security Team by sending report.txt.asc to: 
    [email protected]

What to include in your report

To help us validate and remediate quickly, please include: affected URL/product, detailed reproduction steps, impact assessment, and any proof-of-concept details (as safely as possible).

Thank you

We appreciate responsible disclosure and will review reports as quickly as possible.