Security of Fly related services

Fly is committed to keeping customer data safe and secure. If you discover a potential security issue with a Fly service, we want to know!


How to report a security problem

If you feel the issue is urgent or includes sensitive information, please send your report directly to security@fly.io. This will give us a structured way to track and respond to your concerns, usually within 24 hours.


How we manage security issues

We work with security researchers to triage and investigate potential security issues in our products and services. If you have discovered a potential security flaw in Fly infrastructure or code, please let us know.

When we receive a report we will:

Acknowledge your submission

We will reply to your report, usually within 24 hours and issue you a ticket ID number for future tracking.

Investigate the report

We will attempt to reproduce the issue and determine its impact on our customers. Although we won't disclose issues until our investigation is complete, we will work with you to make sure we fully understand the issue.

Resolve or mitigate the issue

Once our investigation is complete, we will determine how best to resolve the security issue. This might include mitigation, reports to upstream software providers, or patches / configuration changes without our own infrastructure.