Join the Arena

Security

We take security seriously. If you've discovered a vulnerability in Gray Swan's products or infrastructure, we want to hear from you.

Report vulnerabilities to: security@grayswan.ai

Shade Pricing
AI security products
View case studies

Scope

  • grayswan.ai and its subdomains
  • Gray Swan products (Platform, Arena)
  • Our APIs and integrations

Out of scope: Third-party services, social engineering of employees, denial of service attacks.

What We Ask

  • Provide enough detail to reproduce the issue
  • Give us reasonable time to respond before public disclosure
  • Don't access or modify data belonging to others

Safe Harbor


We will not pursue legal action against researchers who report vulnerabilities in good faith and in accordance with this policy.

Recognition


We may publicly acknowledge researchers who report valid vulnerabilities (with permission). While we don't currently operate a formal bug bounty program, we may offer rewards at our discretion for significant findings.

Acknowledgments

  • 2025-11 - Chris Woodall - Arena challenge config exposure
  • 2025-11 - DIN - Arena challenge config exposure
  • 2025-09 - Mochamad Sofyan - DNS configuration