# Security Policy

## Reporting a Vulnerability

Please report any vulnerabilities discovered in Fleet products to security **at** fleetdm.com.

Fleet endeavors to acknowledge and fix any reported vulnerabilities ASAP. Acknowledgement is typically within 1 business day, and patches usually go out within 5 business days (depending on severity and timing).

### PGP Key

To encrypt vulnerability reports before sending them, please use this [PGP key](https://keys.openpgp.org/vks/v1/by-fingerprint/23A19D1F16D7184657D16D67320DB57DE4F0EE8F). 

The fingerprint of the key is `23A1 9D1F 16D7 1846 57D1  6D67 320D B57D E4F0 EE8F`.