Our commitment to secure data orchestration
Astronomer is on a mission that empowers data teams to bring mission-critical analytics, AI, and software to life. As such, it is our priority to ensure that our systems handling customer data are designed and implemented securely. But we also understand that these systems can become complex and vulnerable.
Central to our mission and history building upon one of the largest open source software projects in the world, transparency, collaboration, and community involvement is critical in addressing today’s reality. That is why we are launching a new Astronomer Vulnerability Disclosure Program that leverages a global platform to better leverage the global community of security researchers in identifying and addressing vulnerabilities in our systems.
Introducing our new Vulnerability Disclosure Program
Astronomer’s Vulnerability Disclosure Program is a way for us to better engage with the global community in receiving, recognizing, and rewarding findings from the collective security community. We invite you to find and report vulnerabilities, bugs, or security flaws you discover in our systems as outlined in our rules of engagement. By disclosing these findings, you will not only help in making our systems more secure for everyone, you will also help to better safeguard the data our customers handle and process themselves.
In launching this new Vulnerability Disclosure Program, we have partnered with Bugcrowd, a leading bug bounty and vulnerability disclosure platform, to manage the submission process and helping to streamline the process for all participants. Detailed guidelines and rules for participation can be found on our Astronomer Vulnerability Disclosure Program page: https://astronomer.io/vulnerability-disclosure.
Securely orchestrating your data, together
At Astronomer, we recognize the critical nature of security and view it as a transparent and collaborative effort. We invite the global security research community to participate in our Astronomer Vulnerability Disclosure Program.
