Segment

  • $100 – $2,500 per vulnerability
  • Up to $7,000 maximum reward
  • Safe harbor
  • Managed by Bugcrowd

Program stats

258 vulnerabilities rewarded

Validation within 4 days
75% of submissions are accepted or rejected within 4 days

$471.42 average payout (last 3 months)

Latest hall of famers

Recently joined this program

558 total

Disclosure

Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.

NOTE: Sign up for Segment using your @bugcrowdninja.com email addresses, otherwise your accounts might be banned when we notice bad behavior

Segment is one place to collect customer data and send it to your tools for analytics, marketing automation, and raw data access with SQL. Implement all of your event tracking with Segment’s single API instead of wrangling a new API for every new tool or database. Segment's integrations let you send your data to hundreds of tools and databases.

This program adheres to the Bugcrowd Vulnerability Rating Taxonomy for the prioritization/rating of findings.

Area of Focus - $7,000

Segment cares deeply about our customers and their data. Security issues that allow unauthorized access without interaction to another workspace's event data, API keys, passwords, or other data deemed highly sensitive by Segment will be be given a "P0" reward of $7,000.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.