# Security Policy

Wealthsimple secures our code base using a combination of code review, dependency review, and periodic security reviews. Static analysis is performed during automated verification additionally safeguards against common coding errors which may result in vulnerabilities.

### Reporting a Vulnerability

For general defects about this project, please file a [Bug Report](https://github.com/wealthsimple/pheme/issues/new/choose)

To report a vulnerability about this project please [Report a security vulnerability](https://github.com/wealthsimple/pheme/security/advisories/new)

If you have a vulnerability to report about the Wealthsimple platform, please use our white hat bug bounty program at [Hackerone](https://hackerone.com/wealthsimple)

### General Support

For additional support, please open a [Github Discussion](https://github.com/wealthsimple/pheme/discussions).