Welcome HackerOne researchers! Please post test comments ONLY in this post

Back to Community

edited Mar 23, 2018

Quantopian is excited by the amount of interest that security researchers are showing in helping us identify issues with our platform, as a result of the launch of our public HackerOne bug-bounty program. We've been running a successful private bounty program on HackerOne for about a year and a half now. Taking our program to the next level by making it public will help us to keep our application, and our members' data, secure.

We enthusiastically welcome all the researchers who are helping to test Quantopian. Having said that, our members are somewhat less excited about all the emails they're receiving as a result of researchers creating test posts and comments in our forums. We want to find a balance between allowing effective testing of our forums for security issues and maintaining a high signal-to-noise ratio in the forums for our members.

To that end, we would like to ask the following:

Researchers testing our forums should not post any new, top-level postings at this time. We are working on a technical solution which will allow researchers to test the security of top-level postings without undue disruption, but in the meantime, please refrain from doing so.
Researchers testing the security of comments should only post them in response to this post. In other words, do not post test comments on any post but this one.

Thank you in advance for your help and cooperation.

Jonathan Kamens
CISO, Quantopian

Disclaimer

The material on this website is provided for informational purposes only and does not constitute an offer to sell, a solicitation to buy, or a recommendation or endorsement for any security or strategy, nor does it constitute an offer to provide investment advisory services by Quantopian. In addition, the material offers no opinion with respect to the suitability of any security or specific investment. No information contained herein should be regarded as a suggestion to engage in or refrain from any investment-related course of action as none of Quantopian nor any of its affiliates is undertaking to provide investment advice, act as an adviser to any plan or entity subject to the Employee Retirement Income Security Act of 1974, as amended, individual retirement account or individual retirement annuity, or give advice in a fiduciary capacity with respect to the materials presented herein. If you are an individual retirement or other investor, contact your financial advisor or other fiduciary unrelated to Quantopian about whether any given investment idea, strategy, product or service described herein may be appropriate for your circumstances. All investments involve risk, including loss of principal. Quantopian makes no guarantees as to the accuracy or completeness of the views expressed in the website. The views are subject to change, and may have become unreliable for various reasons, including changes in market conditions or economic circumstances.

72 responses