Bountytalk - Forums Advertising & Bounty Hub
Other Bounties => Bug bounty programs => Topic started by: Angelina on July 20, 2023, 06:27:24 pm
-
submit bug report
Hack the Proxy Bug Bounty Eligibility Rules
This is issued by CYBERCOM and DDS. The explicit intent is to find places where the many external DODIN touchpoints might be used by adversaries to surveil information that is internal to the network. As such, this will be focused on content intermediaries, such as proxies, VPNs, and virtual desktops.
The Hack the Proxy Bug Bounty will start on Sept 3rd at 12:00 (noon) Eastern Standard Time and end no later than Sep 13th at 17:00 Eastern Standard Time.
If you have information related to security vulnerabilities in the online services listed in scope below, we want to hear from you! We value the positive impact of your work and thank you in advance for your contribution. Please review all the participation and payment eligibility rules before you report a vulnerability. By participating in this challenge, you agree to be bound by all challenge rules.
General Participation and Payment Eligibility
Individuals from the public are eligible to participate if you meet the eligibility criteria below. Individuals from the public may be eligible to receive a payment award if you meet the payment eligibility criteria below. U.S. Government contractor personnel are considered individuals from the public and may be eligible to participate on your own personal time and using your own personal resources if you meet the eligibility criteria for individuals from the public below.
Up to 600 eligible applicants will be invited to participate in the challenge. Invitations will be issued to eligible participants during the challenge at regular intervals. For each invitation batch, approximately 70% of the participants will be determined by the HackerOne Reputation System while approximately 30% will be determined by random lottery. If you are selected, you will receive an electronic communication confirming your participation.
Participation and Payment Eligibility for Individuals from the Public
Individuals from the public, including U.S. Government contractor personnel, are eligible to participate only upon meeting ALL of the following conditions:
You must have successfully registered as a participant through this security page.
You must not reside in a country currently under U.S. trade sanctions.
U.S. persons as defined by the Internal Revenue Code Section 7701(a)(30) and to foreign nationals based on their Government passport, who are not on the U.S. Department of Treasury’s Specially Designated Nationals List, and who are not citizens of the following countries: China, Russia, Iran, and the Democratic People’s Republic of Korea.
If you submit a qualifying, validated vulnerability, you may be eligible to receive an award, pending a security and criminal background check. Specific information on payment eligibility will be provided upon acceptance into the challenge.
You may NOT participate in this challenge unless you comply with the relevant participation requirements described above.
Legal
In connection with your participation in this challenge, you agree to comply with all applicable federal, state, and local laws. We reserves the right to change or modify the terms of this challenge at any time. If accepted to participate in this challenge, please check back often for any updates to this challenge.
Acknowledgment
By clicking “Apply Here” to participate in this Hack the Proxy Bug Bounty challenge, you are confirming that you have read, understand, and agree to be bound by these rules and restrictions, that you meet all eligibility requirements listed above, and that you understand that if you are not in compliance with these rules and restrictions you may be subject to civil and/or criminal liability.