Dell Technologies Application Bug Bounty
- $50 – $2,500 per vulnerability
Dell Technologies ("Dell") recognizes the value of the security community to create a more secure world and welcomes the opportunity to collaborate with community members who share this common goal.
This bug bounty program (the “Bug Bounty Program”) is limited to those security vulnerabilities identified within the dell.com and delltechnologies.com pages listed as in scope the Targets section below. Please carefully review inclusions and exclusions detailed in the sections below.
Note: All other Dell products, applications and online properties are excluded from this Bug Bounty Program.
For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher. Please see below for any exceptions from the standard VRT.
For submissions regarding GitHub Credentials, all findings will be initially rated as a P5. Once the finding has been determined to have a real impact, it will be upgraded accordingly. Remember, it is beneficial to include the sensitive information in your finding along with the link to help speed up the validation process.
Vulnerabilities in Dell websites and services not explicitly out of scope or explicitly in scope of this program will be rated as a P5.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email firstname.lastname@example.org. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.