0 vulnerabilities rewarded
12 days average response time
Latest Hall of Famers
Please note: This program does not allow disclosure. You may not release information about vulnerabilities found in this program to the public.
Hi all! Bugcrowd has an exciting opportunity to participate in a private, invite-only program with an undisclosed client, against an unreleased product - with rewards up to $250,000!
About the program:
- Virtualization (VM breakout, cross guest VM manipulation, exploitation of host components)
- Kernel and device driver security
- Firmware security
- Advanced application security
- Guest VM breakout/isolation failures
- Code execution beyond the confines of your guest VM
- Privilege escalation within the guest VM made possible by the underlying platform
- Any vulnerabilities which could lead to compromise or leakage of data and directly affect the confidentiality or integrity of user data of which affects user privacy (including memory corruption, cross guest VM issues, persistent issues).
- Denial/degrading service to other customers, or of the underlying platform itself (excluding DDoS)
Do you have these skills?
If so, send a submission (just click the 'Submit a Report' button) to this program that details your experience and why you'd be interested in participating. We'll review all applicants by hand and will let you know directly if you're selected to participate!
- Any credentials or other demonstrations of skills and capabilities in the above outlined areas
- If applicable, link to your linkedin or other social profiles (if they lend to support your individual abilities and credibility)
- Past work (if you're free to talk about it, or if it's publicly visible)
Please note that not all applicants will be selected to participate. And all participants will be required to undergo a background check and sign an NDA prior to participating.
Dates: this program will start early September and run for roughly eight weeks until the end of October - so be sure to apply early!