Skip to main content

Searchspring Bug Bounty Program

In an effort of ongoing security improvement, Searchspring is pleased to offer a bug bounty program to vulnerability researchers.

If you find a vulnerability please email security@searchspring.com with your disclosure and priority level. Searchspring will evaluate your disclosure and confirm or reclassify the vulnerability level. Upon verification of the vulnerability, a bounty will be paid out within the bounds laid out below. Payment will be made through PayPal.

Priority levels follow the open-source Bug Crowd definitions listed here: Vulnerability Levels.

Searchspring offers the following compensation associated with each level, all values in USD.

Level Severity Band
P1 Critical $1,200 – $2,000
P2 Severe $1,000 – $1,200
P3 Moderate $500 – $1,000
P4 Low $100 – $200
P5 Informational $20 – $50