We invite you to help make Directly a safer place for our customers and experts by disclosing security issues responsibly.

If you’re a security expert or researcher and believe you’ve discovered a security-related issue with the Directly Platform or any of our subdomains (*.directly.com), we appreciate your help in disclosing the issue to us responsibly.

We ask the security researcher community to allow us to correct a vulnerability before publicly disclosing it. Please submit a bug to Bugcrowd with a detailed description of the issue and the steps you believe may be required to reproduce what you have observed. For questions about our program, please email us here.

Our responsible disclosure process is dedicated to perceived online security issues that may affect customers and experts using the Directly Platform. Upon receipt of your report, we promise to promptly review and address any security issues and communicate with you during our investigation and upon resolution.

Thanks again for making Directly a safer place for our customers and experts by disclosing security issues responsibly.