Welcome to the PepsiCo Responsible Disclosure Site
By submitting a vulnerability to PepsiCo through ResponsibleDisclosure.com, you agree to the Terms of Service.
Get Started

Responsible Disclosure Policy:

This page is for security researchers interested in reporting application security vulnerabilities. This is intended for application security vulnerabilities only. The details within your request form will be submitted to ResponsibleDisclosure.com (operated by an independent third party, Synack).

If you have reported an issue determined to be within program scope; is determined to be a valid security issue; and further you have followed program guidelines, the ResponsibleDisclosure.com will recognize your finding and you will be allowed to disclose the vulnerability after a fix has been issued. Please refer all questions to ResponsibleDisclosure.com portal.

Typical Vulnerabilities Accepted:

Typical Out of Scope:

For a full list of program scope please visit the Responsible Disclosure details page

Responsible Disclosure Guidelines: