• $100 – $2,500 per vulnerability
  • Up to $7,000 maximum reward

Program stats

  • Vulnerabilities rewarded 369
  • Validation within 5 days 75% of submissions are accepted or rejected within 5 days
  • Average payout $677.77 within the last 3 months

Recently joined this program

NOTE: Sign up for Segment using your email addresses, otherwise your accounts might be banned when we notice bad behavior

Segment is one place to collect customer data and send it to your tools for analytics, marketing automation, and raw data access with SQL. Implement all of your event tracking with Segment’s single API instead of wrangling a new API for every new tool or database. Segment's integrations let you send your data to hundreds of tools and databases.

This program adheres to the Bugcrowd Vulnerability Rating Taxonomy for the prioritization/rating of findings.

Area of Focus - $7,000

Segment cares deeply about our customers and their data. Security issues that allow unauthorized access without interaction to another workspace's event data, API keys, passwords, or other data deemed highly sensitive by Segment will be be given a "P0" reward of $7,000.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.