ReliaQuest VDP

  • No collaboration

We no longer offer point rewards for submissions on this program. Please refer to our blog post: How Bugcrowd sees VDPs and points for more details.

Program stats

  • Vulnerabilities accepted 3
  • Validation within 1 day 75% of submissions are accepted or rejected within 1 day

Latest hall of famers

Recently joined this program


Please note: This program or engagement does not allow disclosure. You may not release information about vulnerabilities found in this program or engagement to the public.

ReliaQuest, LLC and its subsidiaries (collectively, “ReliaQuest”, “we”, “us” or “our”), is the force multiplier of security operations. Our security operations platform, GreyMatter, automates detection, investigation, and response across cloud, endpoint, and on-premises tools and applications. GreyMatter is cloud-native, built on an open XDR architecture, and delivered as a service any time of the day, anywhere in the world. With over 700 customers worldwide and 1,000+ teammates working across six global operating centers, we are driving outcomes for the most trusted enterprise brands in the world. We exist to make security possible.

The overall security and integrity of ReliaQuest's systems and platforms is integral to our success as cyber security company. Thus, we continually evaluate and strive to improve our vulnerability response practices. We recognize the value and importance of working with skilled security researchers to identify potential vulnerabilities in any technology, including our websites and platforms. Accordingly, we encourage good-faith vulnerability research and the responsible disclosure of security vulnerabilities in accordance with our Vulnerability Disclosure Program (the “Program”).

This page (the “Program Brief”) lays out our expectations with respect to security researchers who discover and report suspected security vulnerabilities to us in connection with the Program. We will not engage with security researchers who do not follow the terms and conditions applicable to the Program and as described in this Program Brief. We will validate and remediate vulnerabilities in accordance with our commitment to security and privacy. We will not take legal action against researchers who discover and report security vulnerabilities to us in good faith and in accordance with the Program and this Policy.

Thank you for your interest in making security possible!


Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email We will address your issue as soon as possible.