At Gruntwork, we understand the critical importance of security, both with respect to our customers’ information, as well as the infrastrucuture our customers build using our IaC library. Gruntwork is firmly committed to ensuring the security of its customers and users by protecting their information.
- Subscribe to our security mailing list. All Gruntwork subscribers receive notifications related to security releases, vulnerabilities, disclosures, and related security news via our mailing list. Subscribe to our security mailing list to receive these updates.
- Get policy updates programmatically. Subscribe to our policy RSS feed to be notified when we release updates to our security policies. Note that you may need to cut and paste the RSS URL into your favorite RSS Feed Reader to monitor updates.
- View recent policy updates. View changes to our legal and security policies. This is a human-friendly rendering of our RSS feed.
Report a Vulnerability
We accept vulnerability reports via email@example.com. Reports may be submitted anonymously. If you share contact information, we will acknowledge receipt of your report within 3 business days.
We do not support PGP-encrypted emails. For particularly sensitive information, please reach out to firstname.lastname@example.org to discuss before sending over.
For more information, please see our Vulnerability Disclosure Policy.