Responsible Disclosure Program

Policy

Fast is serious about ensuring security and privacy. Maintaining both of these is vitally important to us. If you have found or discovered a vulnerability in Fast products and services. Kindly disclose it using the following guidelines.

Coverage
Here are the subdomains under Fast which you can use to test for vulnerabilities in Fast Checkout, Login and Order:
     • go.fast.co
     • fast.co
     • api.fast.co

Reporting Security Vulnerability
If you believe you have discovered a security vulnerability issue, please share the details with Fast via the following form.

Fast will acknowledge receipt of your report within 2-4 business days, Kindly avoid disclosing any vulnerability publicly until we analyze and address the issue. We will reward researchers depending on the severity of the vulnerability. Please include a proof of concept.