Flexibility and independence for your video conferences.
Secure video conferencing for those who want to remain digitally confident.
Open Source Community

Security Reports

User-friendly
Secure
Digitally sovereign

Our customers and partners trust in the security of OpenTalk. We take this trust very seriously - which is why we want to give IT security specialists the opportunity to report potential vulnerabilities in our products.

Support our team in increasing our security

Have you discovered a security vulnerability in OpenTalk? - Then please help us to improve our software and further increase security. You can use the form to contact our IT security team and report a potential vulnerability.

Please give us some time to verify and fix your report before you publish it. Thank you very much.

Guidelines for the disclosure of security issues and vulnerabilities

Are you planning to disclose a security issue or vulnerability you have discovered in OpenTalk? - Please act conscientiously and respect the privacy, confidentiality and integrity of our users.

Please understand that we cannot cooperate with people who disregard these values and try to exploit the vulnerability or gain access to third-party data.

Report a security issue or vulnerability

Your request will be processed by us as soon as possible. You can find our data protection notice here.

Rules for security checks

A test account may be created for security tests at https://register.opentalk.eu. The creation of mass accounts is prohibited.

Please act with caution to avoid violating your privacy, losing data or compromising our services.

Please only interact with your own account or an account whose owner has expressly authorized you to do so.

Please do not report any vulnerabilities that affect an outdated browser, browser extensions (plugins) or third-party software.

 

Explicitly prohibited are

  • DDoS attacks (denial of service)
  • "Spamming", "phishing" and "social engineering" attacks
  • Brute force attacks and testing of email addresses
  • Self-XSS (Self cross side scripting) as part of the social engineering attack
  • Any kind of social engineering and interference with our employees
  • Uploading, installing or sending malware
  • Manipulating third-party files 
  • DNS manipulation
     

You can find a list of published safety reports here: