Kenna Security
- $50 – $3,000 per vulnerability
Program stats
82 vulnerabilities rewarded
Validation within
2 days
75% of submissions are accepted or rejected within
2 days
$1,600 average payout (last 3 months)
Latest hall of famers
Recently joined this program
Disclosure
Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.
Researcher Sign-Up
Sign up at https://app.kennasecurity.com/signup?bugcrowd
DO NOT USE THE KENNA SIGNUP PAGE WITHOUT ?bugcrowd IN THE URL
Targets
In scope
| Target name | Type |
|---|---|
https://[your-subdomain].kennasecurity.com
|
Website |
Any host verified to be owned by Kenna (domains/IP space/etc.)
|
Other |
Out of scope
| Target name | Type |
|---|---|
Any Kenna Security customer subdomain not created by you
|
Website |
Any testing/submissions against Kenna Security customer subdomains is strictly prohibited, not eligible for reward.
Rewards
| Target | Reward Range |
|---|---|
| Kenna Security Application | $50-$1,500 |
| All Other Targets | $50-$750 |
This program adheres to the Bugcrowd Vulnerability Rating Taxonomy.
Focus Areas
The highest priority target for this bounty is the Kenna Security application.
Out of Scope
Vulnerabilities in third party systems will be not be eligible for a reward.
Program rules
This program follows Bugcrowd’s standard disclosure terms.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.