---
title: "Responsible Disclosure"
slug: responsible-disclosure
description: "Resend is committed to keeping customer data safe and secure. We value any inputs from the community to help us detect
            vulnerabilities."
image: /static/cover-security.png
updated_at: "2024-11-28"
---

## How to report an issue

Due to limitations of our team size, we are temporarily pausing new reports.

{/* - A general description of the vulnerability;
- The URL where this vulnerability was found;
- The steps to reproduce, including screenshots;
- The vulnerability impact and mitigation;
- Any proof-of-concept code to exploit the vulnerability. */}

## What we expect from you

- Do not execute a Denial of Service (DoS) attack.
- Do not run any automated tools against our servers.
- Do not access or modify data that does not belong to you.
- Do not publicly share the vulnerability details.

## What you can expect from us

- We will perform our own risk assessment for every reported vulnerability.
- If your report is not eligible, we will let you know.
- If your report is valid, we will prioritize the issue and inform once it's fixed.
- We will let you decide whether you want to be publicly acknowledged or not.

## In scope

- [https://resend.com](/)
- [https://api.resend.com](https://api.resend.com)

## Out of scope

- Automated scanning
- Social engineering
- Password brute force
- Clickjacking on pages with no sensitive actions
- Missing security headers (unless you can prove exploitability)
- Security issues, only reproducible under highly unlikely conditions (using outdated or exotic web browsers, operating systems, or insecure internet connections)

## Bounty

We will offer a reward that can range from being mentioned in the Hall of Fame to receiving a monetary amount, depending on the severity of the security issue and the quality of your report.

Please note, that the reward is contingent upon the security issue being both serious and previously unidentified by Resend.

{/* Waiting on the first names to add this section
### Hall of Fame

We're grateful to the following people who have helped us improve the security of Resend:

- TLB */}