Levitate Vulnerability Program Scope and Rules

In Scope

We are primarily interested in vulnerabilities in the following categories:

Out of Scope

The following vulnerability categories are considered out of scope of our responsible disclosure program and should be avoided by researchers.

Please note that you are expected to engage in security research responsibly. For example, if you discover a publicly exposed password or key, you should not use the key to test the extent of access it grants or to download or exfiltrate data in order to prove it is an active key. Similarly, if you discover a successful SQL injection, you are expected not to exploit the vulnerability beyond any initial steps needed to demonstrate your proof-of-concept. Excessive exfiltration or downloading of Levitate data, or demanding payment in return for destruction of Levitate data, will be considered outside of the scope of this program, and Real Magic will reserve all of its rights, remedies, and actions to protect itself and its users.

Vulnerability Rewards

Our program does not currently provide any monetary rewards.

How to Report a Vulnerability

To report a vulnerability, please send an email to security@levitateapp.com.

Let's get started.

Or give us a call at 888-253-7050

Thanks for requesting a demo!

One of our team members will call you shortly to schedule a personalized demo.
Oops! Something went wrong while submitting the form.