Dell Technologies' Products Bug Bounty Program

  • $200 – $5,000 per vulnerability
  • Partial safe harbor

Program stats

  • Vulnerabilities rewarded 59
  • Validation within about 1 month 75% of submissions are accepted or rejected within about 1 month
  • Average payout $2,125 within the last 3 months

Latest hall of famers

Recently joined this program

Dell Technologies Product Bug Bounty Program

Dell Technologies ("Dell") recognizes the value of the security community to create a more secure world and welcomes the opportunity to collaborate with community members who share this common goal.

This Bug Bounty Program applies to security vulnerabilities identified within Dell-branded or currently supported products. Please carefully review the inclusions and exclusions detailed in the sections below.

Triage Process - Please Read First

In order for Dell to properly reproduce a security report, it is required to enter the Product Name and Version Number of the vulnerable device in the URL / Location of vulnerability field. Reports that do not have this information will be rejected.

Submissions with Blockers on them for longer than 5 business days will closed as Not Applicable.

Once a Product and Version are confirmed by Dell, a report will be moved to Triaged to validate the report and assign an Impact. In order to help expedite the Triage process, please ensure reports have:

  1. Bulleted, step-by-step reproduction instructions
  2. Attach any scripts used in the exploit

Ratings/Rewards:

For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.