Security at Pusher

If you have found a security vulnerability related to Pusher, please submit a report to us. We will investigate the report as soon as possible and get back to you with an estimated timeframe for a fix to be implemented.

For each valid vulnerability reported we will offer to make a donation to Watsi in the name of the reporter.

Found a vulnerability?

When you've found a vulnerability please consider the following:

  1. Ensure the vulnerability relates directly to the Pusher service or an official library
    Although we will try and help, we can't be responsible for issues arising from libraries written by third party developers. Those questions are best suited to the individual library authors.

  2. Safely disclose the vulnerability
    Upon finding a vulnerability we ask that you get in touch and report it to us. Please avoid making details of the vulnerability public.

  3. Do not negatively affect other users
    If you've discovered a vulnerability the would allow you to negatively affect other users please report this to us. Please do not test a vulnerability on any other users.

  4. Provide as much information as possible
    It makes it a lot easier for us to verify the validity of a report if there is sufficient information provided. Screenshots, video recordings and detailed steps to reproduce tend to be the best ways of conveying the vulnerability.

If the above apply, then send an email to security@pusher.com

Special Thanks

We would like to extend our thanks to the following people for making Pusher safer.

  • Othmane Tamagart
  • Egor Homakov
  • Jineesh AK
  • Naveen Sihag
  • Hammad Qureshi
  • Len Mark
  • Madhu Akula
  • Sahil Saif
  • Jerold Camacho
  • Pratik Panchal
  • Vignesh Kumar
  • R. Kannan
  • Zee Shan
  • Mandeep Jadon
  • Muhammad Hassaan Khan
  • Sergio Ortega Fernández (s0rtega)
  • Fredrik Nordberg Almroth
  • Natanmai Deepak Sundararajan