KnowBe4

KnowBe4 is running an invite-only bug-bounty program at HackerOne. If you would like to submit an issue please contact us via email and provide us with your hackerone username or you may submit the vulnerability directly to us outside of our bug bounty. Please do not contact us about low-severity bugs, findings from automated scanners, and hypothetical vulnerabilities.

KnowBe4 wants to ensure the security and confidentiality of our data and the data of our customers. As this is a private program, discussing this program or any vulnerabilities (even resolved ones) outside of the program without express consent from KnowBe4 (the organization) is strictly prohibited.

Automated / Active Scanning of our applications is prohibited.

Please reach out to us with any vulnerabilities that have a direct impact to our or our customers data. We will assess these vulnerabilities on a case by case basis.