Bug Bounty Program
Effective Date: Last Updated as of March 1, 2019.
Thank you. Please help make Directly a safer place for our customers and experts by disclosing security issues responsibly.
If you’re a security expert or researcher and you believe you’ve discovered a security-related issue with Directly or any of our subdomains (*.directly.com), we appreciate your help in disclosing the issue to us responsibly.
We ask the security researcher community to give us an opportunity to correct a vulnerability before publicly disclosing it. Please submit a bug to Bugcrowd with a detailed description of the issue and the steps you believe may be required to reproduce what you have observed. For questions about our program, please email us here.
Our Responsible Disclosure Process is dedicated to perceived online security issues that may affect customers, companies and experts using Directly. Upon receipt of your report, we promise to review and address any security issues in a timely manner and to communicate with you during our investigation and upon resolution.
Thanks again for making Directly a safer place for our customers and experts by disclosing security issues responsibly.