Read our newest book, Fundamentals of DevOps and Software Delivery, for free!
Legal Changelog

Contract & Policy

Changelog

A history of all updates to Gruntwork contracts and policies.

Removed bug bounty

Unfortunately, our informal bug bounty greatly decreased the signal-to-noise ratio in our vulnerability reports. We remain fully committed to security and highly appreciative of any vulnerability reports made in good faith, which we continue to encourage and strive to address in a timely manner according to their urgency.

Added Our Vulnerability Disclosure Policy

As a reflection of our ongoing commitment to security, and in the interest of full transparency, we’ve created a Vulnerability Disclosure Policy. This establishes a formal commitment to our customers, as well as procedures through which any security concerns may be reported to Gruntwork.