Quick intro

Any registered user has the ability to create reports and help fix open security issues !

Check out this 10 minutes awesome LeakIX tutorial by Cristi to get started :

Process

In this section, we detail the process of creating a report and its final steps towards resolution.

Report creation

Next to each search results, you will find a Create report button.

Once you found a leak to report, this button will lead you to a report creation screen. The following information will be requested in order to help solving the issue :

  • Title, a short descriptive title of the issue
  • Owner, the entity responsible for the Leak
  • Contact, list of emails used to warn the entity about the issue
  • Already contacted, list of emails you already contacted yourself
  • Description, the description of the issue, try to be as complete as possible
  • Severity, the estimated severity of the issue

Once all the information has been filed, you can create the report by clicking the Create report button.

Report moderation

Once your report has been created, it will be pending moderation. During this time your are still free to update your report by clicking the Edit report button.

When it is validated, your report will show the Processing status

Report communication

That's it, our system has now dispatched a detailed report to the provided contacts and has included the events as detail and proof of the issue. Additionally, our probe will regularly check your report and ping the involved parties if it tests the issue as resolved.

At this point, the report cannot be edited anymore but comment can be added. They will be dispatched to all the specified parties. The report is attributed a private mailbox and any mail replies will be recorded and shared with all parties to help with coordinated disclosure.