In an effort of ongoing security improvement, Searchspring is pleased to offer a bug bounty program to vulnerability researchers.
If you find a vulnerability please email security@searchspring.com with your disclosure and priority level. Searchspring will evaluate your disclosure and confirm or reclassify the vulnerability level. Upon verification of the vulnerability, a bounty will be paid out within the bounds laid out below. Payment will be made through PayPal.
Priority levels follow the open-source Bug Crowd definitions listed here: Vulnerability Levels.
Searchspring offers the following compensation associated with each level, all values in USD.
Level | Severity | Band |
---|---|---|
P1 | Critical | $1,200 – $2,000 |
P2 | Severe | $1,000 – $1,200 |
P3 | Moderate | $500 – $1,000 |
P4 | Low | $100 – $200 |
P5 | Informational | $20 – $50 |