• $100 – $6,500 per vulnerability
  • Partial safe harbor

Asana - $25,000 Special Incentive For The log4j Vulnerability

In light of the Log4j Vulnerability, CVE-2021-44228 Asana is now offering a massive $25,000 bonuses if a researcher can demonstrate that Asana is vulnerable to this bug starting as of December 14, 2021.

As always, please view the the brief before testing.

Below are the bonus details:

Note, bonuses are subject to change. If you have any questions, please reach out to