USAA

We proudly serve millions of military members and their families with competitive rates on insurance, banking and investment services.

  • $100 – $6,000 per vulnerability
  • Partial safe harbor
Submit report

New Targets Added!

We hope your testing is going well. Here is an update that should make things a bit more interesting!

More Web and API targets have been added to the USAA program. We highly recommend you take a look at this additional attack surface – which hopefully means more vulnerabilities! Here is what’s new:

Fresh Targets
https://api.usaa.com/
https://content.usaa.com
https://l.usaa.com/
https://login.usaa.com/
https://mapi.usaa.com/
https://s.usaa.com/
https://mobileapps.usaa.com/
https://my.usaa.com/
https://wsmbr.usaa.com/

As a friendly reminder, the old targets now carry higher reward ranges as we understand that through your research and reports these have become harder to hunt. Please review the brief for full details and reach out to support@bugcrowd.com if you have any issues.

Get out there and lay claim to those bugs!

Sarah_Bugcrowd
Sarah_Bugcrowd