Arlo Cash Rewards

  • $100 – $6,000 per vulnerability
  • Up to $15,000 maximum reward
  • Partial safe harbor

Reward increases for all arlo devices ($300 - $6000) ++++ Additional guidance for researchers

Hey Everyone,

This message is intended to give Researchers some extra guidance on the Arlo program.

The Arlo team would like for the Crowd to know that the majority of the Arlo platform and available attack surface is only made available to people who have access to an Arlo Device (as listed in the bounty brief).

Researchers are encouraged to purchase or otherwise get their hands on Arlo Devices as this is the best opportunity to find high-value, interesting bugs. Purchasing an Arlo Device will not only give Researchers Access to find bugs on the device itself, but will also provide access to the Arlo User Interface. Worth noting, Arlo has introduced new devices at competitive price points (in some cases under $100) which will help allow you to test more thoroughly. If you have a device, you get access to more functionality to test.

To make it more appealing for all to test their devices and platform, arlo is now offering increased rewards for valid findings against their devices (this is in addition to the high-impact reward scenarios, which offer up to $15,000). Please see the new range below:

Priority Arlo Devices (listed above) All other target types (eg,
P1 $6,000 $2,000 - $3000
P2 $2,500 $1,000
P3 $600 $400
P4 $300 $100

Now, get out there and lay claim to those bugs!