Security Notice

Security at Addepar

Security is a serious matter to Addepar. We are reinventing the infrastructure that powers global wealth management and we want to do it right. Our team constantly works to protect our infrastructure and product by maintaining state-of-the-art security measures. We are asking you to help our mission by responsibly disclosing any vulnerabilities you identify.

REPORTING POSSIBLE VULNERABILITIES

If you believe you have discovered a security issue, please send an email to security@addepar.com with information and detailed instructions on how to reproducethe issue. You can use our PGP key to communicate with us securely. Emails sent to security@addepar.com will be read and acknowledged with a non-automated response within three working days.

We promote the ethical disclosure of security bugs. For this reason, we kindly ask that security professionals act in good faith and follow these simple principles:

  • Share all available details, including proof-of-concept or any other artifact.
  • Give us a reasonable time to fix or mitigate the issue before any public disclosures.
  • Do not access or corrupt user’s data/corporate resources with the intent of  demonstrating a security bug.
  • Do not engage in activities that may degrade the performance of our services.