New Relic is committed to the security of our customers and your data. We believe that engaging with security researchers through our coordinated disclosure program is an important measure to achieve our security goals.
If you believe you have found a security vulnerability in one of our products or websites, we welcome and thank you for reporting it through our coordinated disclosure program, as explained in this document. If you have other concerns, see the information about other email or account issues.
Coordinated disclosure program
New Relic partners with established bug bounty platforms to make it as easy as possible for researchers to report security vulnerabilities to us. In recognition of the effort involved in finding these issues, we may provide bounties for eligible reports.
New Relic has officially transitioned our coordinated disclosure program to BugCrowd.
To participate in the coordinated disclosure program:
- You must agree to the Bugcrowd Researcher Terms & Conditions and ensure that you're familiar with and follow our Bugcrowd policies before initiating any security testing.
- You will be prompted to create a New Relic account that can be used only for permitted testing activity and with the applicable Terms of Service.
Customer security issues
If you are a New Relic customer and have a password or account issue, do not use our coordinated disclosure program. Instead, please follow our standard troubleshooting procedures for password, email, and login problems.