Security at Pusher

Security researchers who have found bugs on our platform are encouraged to report their findings on https://hackerone.com/messagebird and may be eligible for a reward in the case of valid vulnerabilities.

Found a vulnerability?

When you've found a vulnerability, please consider the following:

  1. Ensure the vulnerability relates directly to Pusher or an official library
    Although we’ll try to help, we can't be responsible for issues that arise in libraries written by third-party developers. Those questions are best suited to individual library authors.
  2. Disclose the vulnerability safely and discreetly
    Once you find a vulnerability, get in touch and report it to us quickly. Please avoid making details of the vulnerability public.
  3. Don't exploit the vulnerability to negatively affect other users
    If you've discovered a vulnerability that could negatively impact other users, please report it to us immediately and avoid testing it on anyone else.
  4. Provide as much information as possible
    The more information you send our way, the easier it is to verify the validity of a security report. Screenshots, video recordings, and detailed steps to reproduce your experience tend to be the best ways of conveying the vulnerability.

If the above apply, please send an email to security@messagebird.com

Any reward offered does not apply for products that are in beta, learn more.