At NOW and Sky, we recognise the important contribution of the security research community. If you believe you’ve found a security issue and would like to tell us about it, here’s how to report it.
What should I report?
Please only report security issues such as (but not limited to):
- XSS, XXE, CSRF, SQLi, Local or Remote File Inclusion
- Authentication issues
- Remote code execution
- Authorisation issues and privilege escalation.
Please don't include any NOW internal data with your report.
If you have any concerns about privacy or data protection, please see the Contacting NOW section of our Privacy notice.
How do I submit a report?
Just click the button below to submit your report via Bugcrowd. (If you don't already have a Bugcrowd account, you'll need to create one before you can submit your report.)
By submitting a report to Sky, you agree to keep the subject matter of the report, as well as all subsequent related conversations with Sky, strictly confidential. This is so that we have the opportunity to investigate and take action as needed.
Submit a report
What happens next?
We want to ensure that our services continue to be as secure as possible, so we’ll review your report quickly. Once you’ve submitted it you’ll get an email from Sky confirming receipt and the next steps.