Skip to main content

Security Updates

Updated January 13, 2022

To report security issues please see the BuildBuddy Responsible Disclosure Policy. To sign up for notifications when a security fix is released, email

Penetration testing

BuildBuddy software undergoes regular security review and penetration testing by organizations preparing for deployment, by paid third party security researchers, and through internal review and testing.

Copies of our penetration testing reports are available by emailing

Public disclosure

Feedback is responsibly shared to the product team in order to offer security updates to the BuildBuddy community prior to publicly disclosing issues to the mailing list.

Note: To increase the safety of BuildBuddy users, specific details on security updates in BuildBuddy releases are announced 30 days after the availability of the update. We have a mandatory upgrade policy and only provide updates for the latest release.