GetBusy are committed to investigating and resolving security issues reported by the security community. This page describes our approach to address potential vulnerabilities in any of our services. If you have information on a suspected vulnerability or other security concern, you can submit details to the GetBusy security team via the webform.  
‍

Please provide the following details at time of submission:

• The website or page in which the vulnerability exists.
• A brief description of the type of vulnerability.

Please do not report the following issues, as they will not be acknowledged:

• Publication of DMARC records
• Clickjacking vulnerabilities on pages with no sensitive actions
• Cross site request forgery (CSRF) attacks that have limited to no impact
• Theoretical vulnerabilities  

If the suspected vulnerability has not already been discovered though our internal security assessment procedures, the GetBusy security team will use reasonable efforts to validate and reproduce the issue. If after the investigation, the reported vulnerability is validated, we will respond to confirm this and keep you informed of the progress towards resolving the problem. GetBusy’s current policy is to thank researchers who follow responsible disclosure to submit a vulnerability report that has helped improve the security posture of services.