Kenna Security

  • $50 – $1,500 per vulnerability
  • Managed by Bugcrowd

Program stats

79 vulnerabilities rewarded

Validation within 7 days
75% of submissions are accepted or rejected within 7 days

$262.50 average payout (last 3 months)

Latest hall of famers

Recently joined this program

442 total

Disclosure

Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

Researcher Sign-Up

Sign up at https://app.kennasecurity.com/signup?bugcrowd

DO NOT USE THE KENNA SIGNUP PAGE WITHOUT ?bugcrowd IN THE URL

Targets

In scope

Target name Type
https://[your-subdomain].kennasecurity.com Website
Any host verified to be owned by Kenna (domains/IP space/etc.) Other

Out of scope

Target name Type
Any Kenna Security customer subdomain not created by you Website

Any testing/submissions against Kenna Security customer subdomains is strictly prohibited, not eligible for reward.

Rewards

Target Reward Range
Kenna Security Application $50-$1,500
All Other Targets $50-$750

This program adheres to the Bugcrowd Vulnerability Rating Taxonomy.

Focus Areas

The highest priority target for this bounty is the Kenna Security application.

Out of Scope

Vulnerabilities in third party systems will be not be eligible for a reward.

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.