Gusto’s mission is to create a world where work empowers a better life. By making the most complicated business tasks simple and personal, Gusto is reimagining payroll, benefits and HR for modern companies.
Security is one of the top priorities at Gusto. We put the same amount of care in protecting our customers' information as we would with our own information. For that end, we would like to invite you to our bug bounty program. We appreciate your efforts and hard work in making the internet (and Gusto) more secure and look forward to working with the researcher community to create a meaningful and successful bug bounty program. Good luck and happy hunting!
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please send an email to firstname.lastname@example.org. We will address your issue as soon as possible.
- $1,250 additional bonus for the next valid P1 submitted
For the initial prioritization/rating of findings, this program will use the Bugcrowd Vulnerability Rating Taxonomy. However, it is important to note that in some cases a vulnerability priority will be modified due to its likelihood or impact. In any instance where an issue is downgraded, a full, detailed explanation will be provided to the researcher - along with the opportunity to appeal, and make a case for a higher priority.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email email@example.com. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.