The security of our customers is a top priority. We invest heavily in tools, processes and technologies to keep our users and their networks safe. This includes third-party audits, features like two-factor authentication, and our out-of-band cloud management architecture. The Cisco Meraki vulnerability rewards program is an important component of our overall security strategy, encouraging external researchers to collaborate with our security team to help keep our customers safe.
Be sure to watch for new releases on Cisco Meraki's changelog
For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email firstname.lastname@example.org. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.