Skip to content

digitalocean/security

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 

Repository files navigation

DigitalOcean Security

If you have found a security vulnerability in a DigitalOcean product, please submit it via our Intigriti bug bounty program: https://app.intigriti.com/programs/digitalocean/digitalocean.

If you are a partner attempting to report a security concern via embargo, email us at security@digitalocean.com.

If you wish to encrypt your communication, you may do so via encrypting a message to security@digitalocean.com with either the Age public key or GPG public key in this repo.

Encrypted communications

We recommend you leverage https://github.com/FiloSottile/age for encrypted communications.

  1. Generate a public-private keypair.

    age-keygen -o secret_key.txt
  2. Encrypt your message with our public key. Ensure your output is PEM-encoded with the --armor` flag.

    age --encrypt -r age12n58x3u8ky5nse8szjusasukdv8k0588raahk8lesvr6zt6nq9fsjkn2kw -o encrypt.txt --armor mymessage.txt
    # or
    age --encrypt -r age12n58x3u8ky5nse8szjusasukdv8k0588raahk8lesvr6zt6nq9fsjkn2kw -o encrypt.txt --armor <<< "My message"

    Age encryption

  3. Email the encrypt.txt to us at security@digitalocean.com.

  4. We will respond to any encrypted communications with an encrypted response. Decrypt a message with:

    age --decrypt -i secret_key.txt -o plain.txt response.txt

    Age decryption

You may also send us GPG-encrypted communication using the GPG_public_key.txt file in this repository.

About

No description, website, or topics provided.

Resources

Security policy

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published