# Reporting Security Vulnerabilities

Monte Carlo values independent security research and believes responsible vulnerability disclosure ensures user security and privacy.

Please do **NOT** raise a GitHub Issue to report a security vulnerability. If you believe you have found a security vulnerability, please submit a report to security@montecarlodata.com. Proof of concepts are appreciated. We provide additional information on [how to report security vulnerabilities to Monte Carlo](https://trust.montecarlodata.com/resources/ZTMzNjM0YmMtZDQ3Yi00NWJmLTk0NmQtNWEwNzJkMWJmMDZj).

We ask that you do not use other channels or contact project contributors directly.

Non-vulnerability related security issues such as new great new ideas for security features are welcome on GitHub Issues.

## Security Updates, Alerts and Bulletins

Security updates will be released on a regular cadence and are aligned with the severity of the issue. More details can be found on our [Trust Center portal](https://trust.montecarlodata.com). Additional information, including our vulnerability management policy, is available on our our [Trust Center portal](https://trust.montecarlodata.com).

## Security-Related Information

We may provide security related information such as a threat model, considerations for secure use, or any known security issues in our documentation. Please note that documentation and sample code are intended to demonstrate a concept and may not be sufficiently hardened for production use.