follow us on twitter . like us on facebook . follow us on instagram . subscribe to our youtube channel . announcements on telegram channel



« previous next »
Pages: [1]

Author Topic: Simply Built Bug Bounty  (Read 13327 times)

Angelina

  • Moderator
  • Experienced Member
  • *****
  • Posts: 357
    • View Profile
Simply Built Bug Bounty
« on: April 26, 2023, 05:38:24 pm »
Submit bug report: http://simplybuilt.com
@simplybuilt

Policy

We take security very seriously here at SimplyBuilt!
As such, we provide bug bounties for security related issues that are responsibly reported to us. Please review our Rules and Guidelines for bug bounties before you start hunting. If you think you have found an issue we encourage you to report it to us in the below form.
Happy Hunting.
Rules
Do not attempt to gain access to another user's information or data.
Do not attempt attacks against other users during your research.
Do not use automated or scanner tools. Please, no DoS/Spam attacks either!
Do not publicly disclose the issue until we've been able to patch it.
Only target the my.simplybuilt.com domain and the sites you publish through the app.
Never attempt non-technical/social attacks against other users or SimplyBuilt staff.
What Does Not Qualify?
Issues that require a large amount of user interaction and/or social engineering.
Issues only affecting legacy browsers, extensions or plugins.
Any type of brute forcing or automated attack will not qualify for bounties.
Attack vectors that require request interceptor tools or developer tools.
Vulnerabilities that SimplyBuilt has deemed to be at an acceptable level of operational risk.
Issues that have already been reported to us via the bug bounty program.
Issues targeting our support, blog or other third party sites
FAQ
How are bounty payments made?
Bounty payments for accepted issues will be sent out to researchers using PayPal. The amount will depend entirely upon the severity of the issues reported.
Will credit be given?
Absolutely! Once the issue is patched, we will blog about it. Within the blog post, we will include a name and link to the researchers responsible for reporting the issue (unless of course, you do not want that).
I submitted an issue but have not gotten a response!
Please allow us at least 24 hours to get back to you. We review each report very carefully and want to fully understand the scope of all issues reported.
Do you have a PGP key? Can I submit an issue directly?
Yes and yes! Our PGP key is available here. Feel free to send encrypted (and signed reports) to security@SimplyBuilt.com.
Policy: https://www.simplybuilt.com/security
Domains
simplybuilt.com
HackerOne Directory
Information is provided and moderated by members of the community. Accuracy has not been validated by HackerOne. This page is not affiliated with SimplyBuilt.
Claim this page
Suggest edits
OpportunitiesSecurityLeaderboardBlogDocsSupportDisclosure GuidelinesPressPrivacyTerms© HackerOne
Logged
Pages: [1]
« previous next »