PIM
Manage all product content in one central system of record.
Activation
Easily syndicate product content to every consumer touch point.
Enhanced Content
Enrich product pages with below-the-fold content and rich media.
Catalog Sites
Share secure, on-brand, and always up-to-date digital product catalogs.
Automation
Enhance collaboration with Salsify’s automated workflow engine.
Activation Insights
Continuously optimize your organization’s product content syndication.
GDSN Data Pool
Synchronize standard supply chain, marketing, and ecommerce attributes globally.
PXM Platform, Integrations, and APIs
Integrate the PXM platform with the rest of your enterprise systems architecture.
Supplier Onboarding
Accelerate supplier onboarding while ensuring your schema requirements are met.
Product Listing
Sell products faster with Product Listing.
Content Enrichment
Increase online conversions with Content Enrichment.
Automation
Save time and increase operational efficiency with retail automation.
SXM Platform, Integrations, and APIs
Integrate the SXM platform with the rest of your enterprise systems architecture.
Activation Network
Automate how you exchange product content data to the digital shelf.
Enhanced Content Network
Turn product pages into product experiences with Enhanced Content.
Ecommerce Platform Integrations
Create winning product experiences on owned sites with powerful ecommerce software.
GDSN Data Pool
Synchronize standard supply chain, marketing, and ecommerce attributes globally.
Open Catalog
Connect to the digital shelf faster with an open, standardized, and free product catalog.
Resources
Resource Library
Explore our ecommerce resources to get everything you need to win on the digital shelf.
Blog
Read our blog to get actionable insights for navigating changing markets and industry demands.
Webinars
Watch our on-demand ecommerce webinars to gain expert advice and tips from our community of industry leaders.
Engineering Blog
Explore our engineering blog to get developer resources, insights, and tips.
Events
Register for our upcoming in-person and virtual events to connect with other industry insiders.
Knowledge Base
Investigate our knowledge base to build your Salsify skills and understanding.
Product Updates
Explore the latest news and updates for Salsify products.
API
Examine our comprehensive API and webhook guides to start working with Salsify quickly.
Download Salsify's report to get insights into the latest trends and consumer behaviors.
Salsify looks forward to working with the security community to find vulnerabilities in order to keep our business and customer data safe.
Please read this entire policy before performing any security testing.
Who Are We
Salsify provides a best-in-class Product Experience Management (PXM), allowing our customers to create best-in-class commerce experiences through our integrated Product Information, Digital Asset Management, and Experience Builder services.
Bug Bounty Payments
Our disclosure program does not offer bug bounty payments.
In Scope Assets
Note: Only findings relating to these domains will be treated as valid.
app.salsify.com
api.salsify.com
Response Targets
We will make best efforts to meet the following SLA for Hackers participating in our program.
First Response = 14 Days
Time To Triage = 30 Days
Time To Resolution = Dependent On Severity
We'll try to keep you informed about our progress throughout the process.
Disclosure Policy
Program Rules
Out Of Scope Vulnerabilities
When reporting vulnerabilities, please consider
The following types of issues are considered out of scope:
Safe Harbor
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Reporting
If you believe your finding meets the requirements of a valid report for an in-scope asset, please use the following template to ensure you include the following sections in your report:
——- TEMPLATE START ——-
## TITLE
## SUMMARY
[add a summary of the vulnerability]
## IMPACT
## STEPS TO REPRODUCE (POC)
[add the specific steps to reproduce the vulnerability]
## REFERENCE MATERIAL
## ATTACHMENTS / SCREENSHOTS
## SUGGESTED FIX (optional)
## CONTACT
[include your email address]
——- TEMPLATE END ——-
Email your report to: vdp@salsify.com
Policy Valid Date
This policy is valid as of July 1st 2021