Secure Our Platform, Earn Rewards
Join our bug bounty program and help us strengthen our security. Earn credits now, cash rewards coming soon!
Start Hunting BugsReward Tiers
Critical
1000 credits
For critical severity vulnerabilities
High
500 credits
For high severity vulnerabilities
Medium
250 credits
For medium severity vulnerabilities
Low
125 credits
For low severity vulnerabilities
Program Guidelines
Before You Begin
Read our Attributes page to familiarize yourself with our official domains and accounts. This is crucial for identifying valid targets.
For open-source projects, no monetary rewards are offered. Instead, review our Ciphera Style Guide for contribution guidelines.
Program Rules
- - Do not attempt any actions that could negatively impact our services or users, such as DoS/DDoS attacks, without explicit written consent.
- - Respect the privacy of our users. Do not access, modify, or retain any user data you may encounter during your research.
- - Report vulnerabilities promptly and directly through our designated channels. Do not disclose any findings publicly before we've had a chance to address them.
- - Provide detailed reports with clear steps to reproduce the vulnerability and potential impact.
- - Do not use any automated scanning tools that could impact our services' performance.
- - Stay within the scope of the program. Testing on systems or applications not explicitly included in the bug bounty program is prohibited.
- - Do not attempt to extort or blackmail us using any findings from your research.
- - Comply with all applicable laws and regulations while conducting your research.