Search across silos. Automate workflows. Orchestrate AI agents. Govern with confidence.
Leverage Agentic capabilities to empower customers and create personalized experiences.
Streamline knowledge-intensive business processes with autonomous AI agents.
.webp)
Join Kore.ai’s re:imagine Tour in Dallas on 16th October, 2025. Discover how enterprises are scaling AI with real use cases and expert insights.
Join Kore.ai’s re:imagine Tour in Dallas on 16th October, 2025. Discover how enterprises are scaling AI with real use cases and expert insights.
.webp)
Vulnerability Disclosure Program (VDP)
Partnering with the security community to identify and address potential vulnerabilities.
Objective
The objective of Kore.ai Vulnerability disclosure program is to protect confidentiality, integrity, and availability of its services, while obtaining knowledge of any gap(s) or security vulnerabilities which may be present in the services.
Kore.ai appreciates the contribution of security researcher community in enhancing our security posture. We request the help and support of the community in ensuring the services are safe and potentially free of all security issues.
Program Scope
Kore.ai encourages the disclosure of any and all security vulnerabilities or concerns which would affect the services offered and would leave the services open to any potential security breach, including
(a) Injection
(b) XSS
(c) Authorization flaws, misconfigurations
The aforementioned list is not exhaustive in any way or manner, and Kore.ai reserves the right to modify this list, without any prior notification.
Exclusions
(a) Any DOS/DDOS attacks;
(b) Any automated scanning activities;
(c) Any submission made based on access which has been granted in accordance with any applicable contract, click-wrap or shrink-wrap agreement.
The aforementioned list is not exhaustive in any way or manner, and Kore.ai reserves the right to modify this list, without any prior notification.
Confidentiality Obligations:
For any submission to be covered under this Program, the submitter shall notify only Kore.ai of such vulnerability. It shall hold the vulnerability in utmost confidence and shall not share the same publicly.
Disqualification from Program
Some examples of the activities which shall be treated as disqualification(s) are listed below:
- Breach of confidentiality obligations under the Program and under law.
- Attempt to extract or remove data from the services offered by Kore.ai.
- Any ransomware attempt while performing activities in scope under this Program.
- Attempt to commercially exploit such vulnerability.
- Attempt to hold Kore.ai accountable under any laws due to activities performed in scope under this Program.
The aforementioned list is not exhaustive in any way or manner, and Kore.ai reserves the right to modify this list, without any prior notification.
Legal action
Kore.ai reserves the right to take all necessary and remedial legal action against the submitter if it determines that the activities performed are a violation of applicable law, covered under the Disqualification(s) or Exclusion(s) listed or determined, and/or have forced Kore.ai to face any legal consequences, which could have been avoided if a disclosure was made under this Program.
Procedure
Please report any vulnerabilities with details steps and procedures by raising a support ticket using https://support.kore.ai
Kore.ai shall acknowledge the issues and respond accordingly.
Bug Bounty
This is not a bug bounty program and Kore.ai does not guarantee any monetary rewards for the submissions made.
Rewards, if any, will be awarded only at Kore’s sole discretion, for vulnerabilities which Kore, in its sole discretion, determines are substantial in nature.
Contacting Kore.ai
Feel free to contact us if you have any questions about our Privacy Policy.