USAA

We proudly serve millions of military members and their families with competitive rates on insurance, banking and investment services.

  • $100 – $6,000 per vulnerability
  • Partial safe harbor
Submit report

Scope Update

Thank you for your participation in the USAA program.

We are bringing Unvalidated Redirect findings into the scope for testing so please take a look and let us know what you find! Also, our Focus Areas are as follows if you have any new and novel techniques for hunting on these we'd love to see your latest.

  • Authentication mechanisms
  • Privilege escalation (horizontal or vertical)
  • SQL or command injection
  • Cross-site scripting
  • Remote Code Execution
  • Cross-Site Request Forgery
  • Information Disclosure
  • Security Decisions via Untrusted Inputs

As always, please see the program brief for the full details around testing. If you have any questions, please reach out to support@bugcrowd.com.

Happy Hunting!

JesterM
JesterM