To Contact Percona for any security related issues please use the following:
Phone: +44 1214 682 054
OpenBugBounty program: https://openbugbounty.org/bugbounty/PerconaSecurity/
Encryption key: https://keybase.io/percona_security/pgp_keys.asc?fingerprint=88f513aa99b1d2ea8e0f86e70b6ab3a277060327
Please ensure your report includes screenshots demonstrating the suspected vulnerability as well as a full description of the procedure required to reproduce the suspected vulnerability, if we can not reproduce your issue it will be disregarded please help ensure we have the required information to move forward with your report.
We sincerely appreciate your time and effort.
Prohibited testing includes the following:
- Any tests which could lead to potential interruption of service such as DDoS or DoS attacks
- Fuzzing without prior authorization from Percona
- Uploading/distributing malicious payloads (e.g. browser exploitation, request redirection, phishing, webshells, etc.)
- Testing which would yield unauthorized access, junk mail, spam, phishing and all other unsolicited mail
- Testing from any country presently under U.S. Sanctions
- Testing which would degrade the performance, reliability and/or availability of services
- Targeting individuals (e.g. Phishing, Spear phishing, social engineering, man in the middle, malicious hid devices, etc)