Responsible Disclosure Policy

In this policy, references to “Glasswall”, “us”, “we” and “our” mean Glasswall Ltd., a privately held company.

Glasswall was founded on the ideology that every file should be trusted, and we believe that companies and individuals should have the freedom to access and use technology in a safe and consistent manner.

We advocate transparency within the security industry, with a willingness and desire to share information with one another, creating a secure digital world for us all to enjoy.

Glasswall is committed to engaging positively with the research community that protects our company and customers. Therefore, we actively encourage anybody that has identified a vulnerability to work with us so that we can maintain the integrity, functionality, and confidentiality of our software.

The terms below apply to any website, application, or service distributed by or hosted by Glasswall.

Please use the form below OR the email address [email protected] to alert us to:

  • Vulnerabilities or breaches in our software or environments which threaten the confidentiality, integrity or availability of our data, software, or services, or our customers’ data
  • Applications that mimic, mislabel, misdirect, or “copycat” Glasswall, or phishing attacks even if they do not originate from Glasswall sources
  • Written or verbal discussion, activities, or data in any public forum which you believe constitutes a threat to Glasswall, our employees or our customers

Disclosing a security concern to Glasswall
[pardot-form id=”17140″ title=”Responsible Disclosure Policy form”]

When contacting us to provide a disclosure, you agree to the terms of our Privacy Policy and that we can use the information you provide to ensure the integrity, security, and reliable functionality of our technology and business.

If you are uncomfortable sending any of the following content by email, you may mask or redact sensitive content.

Your submission should contain:

  • Clear, descriptive summary of the vulnerability with accurate evidence (logs, screenshots, responses or other evidence).
    • Include date of first discovery
  • Tools involved with the discovery of the vulnerability.
  • Detailed steps on how to reproduce the issue.
  • Platform details including IP addresses, vulnerable endpoints, services etc.
  • Personal assessment of exploitability, or the inherent risk of the issue.
  • Your contact details (If you are not comfortable, please anonymise using the form here).



  • Provide a detailed and complete submission
  • Be sure to include your contact information so that Glasswall can communicate as necessary
  • Be specific and detailed
  • Treat the vulnerability report and any vulnerability as confidential information and not divulge to any third person (except disclosure to Glasswall) any such information until public disclosure is mutually agreed upon with Glasswall
  • Report vulnerabilities in a vendor we integrate with or leaks of Glasswall customer data


  • Do not break international, federal, state or local laws
  • Put Glasswall data, employees or customers at risk
  • Do any unsolicited testing that would result in a denial of service (DoS), attempt at physical access, or anything that could be considered social engineering against Glasswall employees


Glasswall’s response

Glasswall has measures in place to ensure that reports of this nature are treated with high importance, and can be responded to quickly and effectively. Glasswall commits to responding to credible vulnerability disclosures that provide the required information within 48 business hours.

We will not respond to:

  • Hoaxes or anonymous reports.
  • Reports that are generic or lack evidence to be verified.
  • Reports that bear no relevance to Glasswall as a company, its technologies, or its employees or customers.
  • Reports that are non-actionable.


Glasswall believes in coordinated disclosure with regard to vulnerabilities that have been reported to us and fixed. We expect professional conduct and will seek to agree on reasonable timelines for updates and coordination with security researchers and others who may report vulnerabilities.

While we will work diligently to address vulnerabilities, we will work with you to set expectations on timeline for fixing a vulnerability and do not adhere to specific windows of time for fixes, or updates to the person who filed the report. We will disclose publicly alongside anyone who makes a report that helps us ensure our technologies, data, and employees are secure. At this time, we do not have a formal bug bounty program, but each submission will be reviewed on an individual basis in context to severity.  

Please click here  to report a vulnerability or information about any other relevant security issue.

Thank you for helping keep Glasswall secure!

We appreciate the efforts of the global security research community who work to identify vulnerabilities and collaborate with organizations like ours to create a fix and communicate responsibly to affected parties.






What are file-based threats?

What is zero-trust file protection?

How does Glasswall CDR work?

Picture of a knight mask with swords to illustrate our battle for being the market leader in CDR

Glasswall vs Competitors

Why Glasswall CDR?

Learn about the simple way to protect against sophisticated file-based threats.

All resources



Case Studies

Use Cases




Product help



Contact us


strategic alliances

About our Partner Program

Our Partners

Become a Partner

Glasswall partner program

Bringing File-based threat protection to your customers

Offer a richer security portfolio with the most agile CDR platform on the market. Stand out from the competition with a partner program built for you. Let’s make files safer together.

About Glasswall

Our People




Contact Us

support lines


Raising the bar on file security

We believe people should be free to open their files without fear. To click on anything without risk of catastrophe. To use systems the way they were meant to be used. That’s why we’re raising the bar on file security at Glasswall.