Responsible disclosure
Report suspected vulnerabilities, account isolation concerns, or abuse paths to [email protected]. Do not include secrets or customer data unless requested through a secure follow-up channel.
Security
Security overview and responsible disclosure.
Cuttlefish security review routes are available for enterprise diligence and responsible disclosure. The canonical security policy remains available for detailed policy text.
Enterprise review
Security packet and diligence requests can be routed through sales, legal, or security depending on procurement needs.
Support split
Billing and sign-in problems should go to support or billing. Vulnerability reports should go to security.