Security Updates

To report security issues please see the BuildBuddy Responsible Disclosure Policy. To sign up for notifications when a security fix is released, email security-updates@buildbuddy.io.

Penetration testing​

BuildBuddy software undergoes regular security review and penetration testing by organizations preparing for deployment, by paid third party security researchers, and through internal review and testing.

Copies of our penetration testing reports are available by emailing security-requests@buildbuddy.io.

Public disclosure​

Feedback is responsibly shared to the product team in order to offer security updates to the BuildBuddy community prior to publicly disclosing issues to the security-updates@buildbuddy.io mailing list.

Note: To increase the safety of BuildBuddy users, specific details on security updates in BuildBuddy releases are announced 30 days after the availability of the update. We have a mandatory upgrade policy and only provide updates for the latest release.