Explore Industry Research
What do Gartner, Forrester, and IDC have in common? They all named Anaplan a planning leader.
Did you find a vulnerability on anaplan.com? Use these guidelines and instructions to report the vulnerability to us.
We take security seriously and will thoroughly investigate your report.
Out of scope:
This page is only for responsible disclosures.
Please notify us as soon as possible after finding a vulnerability on anaplan.com.
Provide the technical details, steps to exploit, and a proof of concept, if available.
Don’t exploit vulnerabilities that will cause a service disruption or social engineer or phish our employees to prove out the vulnerability.
Avoid privacy violations. If an exploited vulnerability results in access to personally identifying or confidential information, don’t transfer, alter, or destroy it.
We won’t consider these submissions:
Vulnerabilities from scanners and tools
Issues related to HTTP headers
Error messages that don’t include sensitive information
Issues related to SSL/TLS configurations
Clickjacking on static web pages
Use of outdated software and libraries
Email us with the full details and a proof of concept at: firstname.lastname@example.org.