Try Engine Yard for your Rails app
START A FREE TRIALFree Download
"Top 10 Advantages of Platform-as-a-Service"
Should you DIY your app deployment & maintenance or hand it off?
Subscribe to the Engine Yard blog for expert Rails tips!
Our Responsible Disclosure Policy
As many of you know, GitHub recently experienced a security breach that caused some challenges for Engine Yard and our customers. As part of this, GitHub made the difficult, but absolutely right decision, in requiring all users of their service to re-validate their SSH keys. Additionally, GitHub took the opportunity to release their “Responsible Disclosure of Security Vulnerabilities” policy that outlines how to interact with them when sharing security vulnerabilities.
At the end of 2011, Engine Yard conducted a detailed security audit against our Engine Yard Cloud and Orchestra platforms. While the investment was significant, we realize the importance and value that regular security testing brings. With that said, we also value the community’s input into our security posture. With that in mind, and following the lead of our friends at GitHub, we released a similar “Responsible Disclosure Policy” that outlines our commitment to you when you take the time to responsibly test and disclose security vulnerabilities to us.
http://www.engineyard.com/legal/responsible-disclosure-policy
We value your input and are focused on providing a safe and secure platform for our customers, and the larger community.
Share your thoughts with @engineyard on Twitter