Responsible Disclosure

Effective Date: 27-September-2023

Freshworks is committed to protecting customer data and treats it with the highest priority. We genuinely value the contribution of security researchers in supporting organizations to better their security posture. Thus, we encourage them to participate in the Freshworks Bug Bounty program and support us in our objective to provide a secure computing experience to our customers.

Freshworks Bug Bounty Program:

We have partnered with HackerOne to handle security vulnerabilities identified in our products. If you identify a security bug, we request you submit it via the HackerOne Program listed below.

Submit Bug Report

By submitting a security bug or vulnerability to Freshworks through HackerOne, you acknowledge that you’ve read and agreed to the program terms and conditions. Refer to our policy on HackerOne for more information on how to participate in our bug bounty program.

Recognition:

We want to thank researchers who have responsibly disclosed a vulnerability to us. We will recognize their efforts at our HackerOne Page.

Our Hall of Fame Page continues to honor the contributions of security researchers who have previously reported issues.

Contact Us:

For any security-related queries or to contact the Freshworks Security Team, please use our official communication channel: security@freshworks.com.

General questions related to Freshworks are handled by our Customer Support team – for questions, comments, or feedback, click here.

Hall of Fame

While Freshworks does not provide any reward for responsibly disclosing unique vulnerabilities and working with us to remediate them, we would like to convey our deepest gratitude to the security researchers publicly. We will add your name to our Hall of Fame. Freshworks truly appreciates your legendary efforts.

We would like to recognize the efforts of the following individuals for their contribution to our responsible disclosure program. Please accept our sincerest gratitude to every one of you.

2023

  • Varshini Ramesh

  • Ramkumar G

  • Udhaya Prakash

  • Mohd Kashif

  • Lave Kumar

  • Vishwas Reddy

  • Mark Charest

  • Sathish K

2022

  • Akash Singh

  • Saddam Hussain

  • Yash Kumar Verma

  • X-Samurai

  • Devender Rao(in/devender-rao)

  • Robin De Smet (Kautz.io)

  • Thirumalaivasan Candassamy

2010 - 2021

  • Gopikrishna

  • Neeraj Sonaniya

  • Samir Hadji

  • Rojan Rijal

  • Marek Szustak

  • Vignesh Jothiraj

  • Deepali Sarjerao Malekar

  • Prasanna P R

  • John Steven Bullecer

  • Havoc Guhan

  • Muthukumar Marikani

  • Ratnadip Gajbhiye

  • Virendra Yadav

  • Ahsan Khan

  • Allan Jay Dumanhug

  • Nor Win

  • Paulos Yibelo

  • Kalpesh Makwana

  • Georgie Yoxall

  • Abdul Rehman

  • Koutrouss Naddara

  • Lokesh Kumar

  • Ranjeet Singh

  • Sir Root

  • Rafael Pablos

  • Nithish Varghese

  • Shivam Kumar Agarwal

  • Sreehari Haridas

  • Zeyad Khaled

  • Babar Khan

  • Varun Kakumani

  • Md. Nur A Alam Dipu

  • Gaurang Bhatnagar

  • Naveen Sihag

  • Andy Linux

  • Eddy Abrar

  • Kamran Saifullah

  • Mehul Mohan

  • Jay Patel

  • Kacper Szurek

  • Dhayalan B Dhayalan

  • Eusebiu Blindu

  • Deepankar Arora

  • Wordfence

  • Pankaj Rane

  • Yaroslav Olejnik

  • Vinoth Kumar

  • Kunal arora

  • Cristian Joseph D. Legacion

  • Atul Shedage

  • Babita Ram

  • Subramanian

  • Harry M. Gertos

  • Apurve Jain

  • Kamil Sevi

  • Robbie Wiggins

  • Nishtaa chandak

  • Nicholis du Toit

  • Krishnaraj Ramalingam

  • Karl Aparece

  • Tarun Sehgal

  • Hasan Khan

  • Sushil Sunil Ainani

  • Adesh Anand

  • Samuel Valmiki

  • PRATIK V. GAIKWAD

  • லுஃவாஃதிளயுஙிள் (rboxtjwlsso)

  • Oscar Arnflo

  • Bishal Khadka (Chandu)

  • Offensive Bug Hunter(Sovon Bhattacharya)

  • GoodData Security Team

  • Sakthivel Swaminathan