Responsible Disclosure Program (RDP)

Scope

If you need support with any other Chartboost issues, please refer to the Chartboost Customer Support page

Chartboost is dedicated to providing a secure advertising and monetization environment for our partners. If you are a security researcher or an active partner of the platform, and believe you’ve found a security vulnerability or an exposure allowing for fraudulent activity that could adversely affect Chartboost or our partners or give an unfair advantage when abused, please let us know by contacting us through our Responsible Disclosure Program. (RDP).

Rules for Chartboost’s Responsible Disclosure Program

Chartboost welcomes your submission of security vulnerability reports, provided you follow these guidelines when conducting your security assessment and research against our monetization and advertising platform, applications and services.

You may set up secondary test accounts under your sole control for authorization testing. However:

-You must not attempt to perform malicious data destruction attacks against Chartboost or Chartboost Partner’s data services

-You must not violate a person’s privacy in conducting your research.

-You must not perform any network volumetrics attacks that adversely affect the reliability of Chartboost’s services, including but not limited to, DoS and DDoS.

Submissions

Security vulnerability reports for Chartboost and/or its affiliates may be submitted via the submission form below, or our vendor’s crowdsourced submission platform to be considered for our paid bounty or points awards. Alternatively, if you prefer, you may contact our security organization via email, to Chartboost Security to directly provide us vulnerability information.