To address these concerns (and let you sleep more peacefully), we’ve launched Paddle’s first Vulnerability Disclosure Program (VDP). A VDP is a formal program where security researchers and experts from all over are able to submit detailed information on security vulnerabilities they discover to organizations, like Paddle. This gives us the best opportunity to discover and fix anything that we’ve missed or that the tools didn’t spot. Because: the more eyes, the better.
We’ve worked with independent security researchers for a while but with our VDP, we are not only improving the operation of our process, but its transparency too. Always seeking to optimize our customers’ security and the resilience of our service more and more, we strive for the utmost confidence in our platform for our customers.
For more information on this launch, take a look at our Vulnerability Disclosure Policy, or head to security.txt for how to interact with Paddle security or to submit a report.