# Security Policy

## Reporting a Vulnerability

Security vulnerabilities and other security related findings can be reported via our [vulnerability disclosure program](https://bugcrowd.com/engagements/posthog-vdp-pro) or by emailing [security-reports@posthog.com](mailto:security-reports@posthog.com).

We currently do not operate a bug bounty program, but we will generously reward you with merch for any actionable security vulnerabilities found.