At Coda, we maintain a high level of information and organizational security, and are working to improve it further with SOC II Type 2 compliance certification. While we have had an exceptional record so far, no company is completely immune to security issues. To that end, we have been running a bug bounty program for researchers to responsibly report security issues in Coda and get rewarded.
We’d like to share this program more widely within our community for the security-minded folks here. If you have found an issue in Coda, please report it through our HackerOne page here: https://hackerone.com/coda_bbp
Thanks for helping us keep Coda safe!