Build a better business with ideas from
the people who know your business best.
It would really help us if you could tell us a little more about yourself and your company.
At Sideways 6, we deal in ideas and information. That's why ensuring our customers can fully rely on us to protect their data is of paramount importance to us. If you are a security researcher and you have discovered a security vulnerability in the Sideways 6 platform, on our public website, or elsewhere, we would like to ask you to tell us about it in a responsible way.
Our promise is simple - if you are a security researcher and you report a vulnerability in good faith and in accordance with this policy, we will validate it and address it. We will not take legal action against you or penalise you in any way if you help us in this way. However, breaking this policy is not a good idea - we reserve all legal rights in case of non-compliance.
We encourage security researchers to submit the details of any suspected vulnerabilities with our Information Security Team via the form at the bottom of this page. We will review your submission, verify that it's indeed a real vulnerability that needs to be addressed, and check that it hasn't been reported previously. Your submission will need to include full details of the issue and how to reproduce it.
We don't operate a bug bounty programme, but if you help us by informing us about a real security issue, we will do our best to get you some of our S6 merch, or maybe even an Idea Beer.
If you find and report a real security vulnerability in accordance with this policy, we promise to work with you to understand and validate the issue, and we will triage it and address it if we see that as appropriate or inform you we aren't going to. Once you've reported a vulnerability, we'll try and respond within two weeks.
Please don't publicly disclose any details of the vulnerability you've identified without our written consent - that would constitute non-compliance with this policy. In the process of finding, validating, reporting, communicating about or doing anything at all about the issue, you're not allowed to do the following things - that would also make you non-compliant:
Please fill the form below to report a security vulnerability: