Lightspeed Retail X-Series bug bounty program aims to build stronger relationships with the security community by rewarding security researchers for their work in finding security vulnerabilities.
This page is intended for security researchers. For general information about security, please see our main website.
We will make a best effort to meet the following response targets for white hat hackers participating in our program:
Time to First Response: 1 day
Time to Triage: 2 days
Time to Bounty: within 5 business days
Time to Remediate: Up to 90 days (may be dependent on the severity and complexity, excluding extenuating circumstances)
Public Disclosure Policy
- Please do not discuss any vulnerabilities (even resolved ones) outside of the program without express consent from Lightspeed.
- This program follows Bugcrowd’s disclosure guidelines.
Scope and rewards
This program follows Bugcrowd’s standard disclosure terms.
For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email firstname.lastname@example.org. We will address your issue as soon as possible.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.