New Relic is committed to the security of our customers and your data. We believe that engaging with security researchers through our coordinated disclosure program is an important measure to achieve our security goals.
If you believe you have found a security vulnerability in one of our products or websites, we welcome and thank you for reporting it through our coordinated disclosure program, as explained in this document. If you have other concerns, see the information about other email or account issues.
New Relic has partnered with HackerOne to make it as easy as possible for researchers to report security vulnerabilities to us. In recognition of the effort involved in finding these issues, we may provide bounties for eligible reports. For full details of our policies and to see previously disclosed reports, go to the coordinated disclosure page on HackerOne for New Relic.
To participate in the coordinated disclosure program:
- Ensure that you're familiar with our policies with HackerOne before initiating any security testing.
- Only test against accounts you control.
If you are a New Relic customer and have a password or account issue, do not use our coordinated disclosure program. Instead, please follow our standard troubleshooting procedures for password, email, and login problems.