LegalZoom Security

To maintain a high degree of security for our products and services, we currently offer the opportunity for security researchers to help us identify vulnerabilities and report them to our team.

The security of our infrastructure is important to us, so the feedback we receive is highly appreciated. It helps us to safeguard our services and deliver the best possible protection to our customers and their data.

Responsible disclosure policy

We operate with a policy of responsible disclosure for reporting security vulnerabilities. If you're involved with security research, here are our guidelines and the process for reporting possible vulnerabilities.

Research guidelines


This policy applies to the following systems:


Any services not expressly listed above, such as any connected services, are excluded from scope and are not authorized for testing. Additionally, vulnerabilities found in non-LegalZoom systems from our vendors fall outside of this policy's scope and should be reported directly to the vendor according to their own disclosure policy, should one exist.

If you aren't sure whether or not a system or endpoint is in scope, contact us at before starting your research.

How to report a suspected security vulnerability

If you believe you've found a potential vulnerability, please complete and submit the responsible disclosure form below, providing as much detail as possible.

What happens next

LegalZoom will acknowledge your submission and review the reported issue. You'll be notified of whether the reported issue is validated, and if so, the priority level assigned.