Researcher and Bug bounty Hunter

HomeResearcher and Bug bounty Hunter

At Adayptus Consulting, we value the contributions of security researchers and bug bounty hunters in identifying and mitigating vulnerabilities to help us strengthen the security of our systems and services. Your efforts play a critical role in creating a safer digital environment, and we are committed to working collaboratively with the cybersecurity community.

Our Commitment
  • Collaboration: We encourage responsible disclosure and are committed to working with researchers to address vulnerabilities promptly.
  • Recognition: We acknowledge the efforts of researchers who help enhance our security through legitimate and ethical means.
  • Transparency: We strive to maintain open communication throughout the vulnerability disclosure process.
Our Bug Bounty Platform

We operate a dedicated platform for researchers and bug bounty hunters, where you can engage with third-party websites and applications provided by our clients. These clients are interested in innovative, research-driven approaches to penetration testing and vulnerability identification. This platform moves beyond traditional methods, empowering researchers to explore, identify, and responsibly disclose vulnerabilities. Participants in the program are rewarded based on the scope and impact of their findings.

Scope

We welcome submissions that focus on vulnerabilities related to:

  • Third-party websites and applications provided by our clients.
  • Web and mobile applications, APIs, and integrations.
  • Security mechanisms protecting sensitive data and infrastructure.

Out-of-scope submissions include:

  • Social engineering attacks, including phishing.
  • Physical security testing.
  • Denial of service (DoS) attacks.
  • Issues with third-party services and software not owned by Adayptus Consulting.
Joining Our Security Force

We invite dedicated researchers and ethical hackers to join our security team. If you are passionate about making a difference in the cybersecurity field, send an email to [email protected] with the subject line: “Join Force.”

Application Requirements

Include the following details:

  1. Why should we choose you?
  2. Your past experience and achievements in cybersecurity or bug bounty programs.
  3. Tools, methodologies, or unique approaches you use in vulnerability assessments.
  4. Any certifications or training relevant to the field.
Review Process
  • Due to the large number of applications we receive, it may take 15-20 days for us to review your submission.
  • Not all applicants are accepted due to various reasons, including:
    • Alignment with our values and mission.
    • Technical expertise and proven experience.
    • Compatibility with the unique requirements of our projects.
Responsible Disclosure Guidelines

To ensure a productive collaboration, please adhere to the following guidelines:

  1. Do Not Exploit Vulnerabilities: Avoid testing methods that may cause harm to our systems, data, or users.
  2. Provide Detailed Reports: Include steps to reproduce the issue, potential impact, and any supporting evidence (e.g., screenshots, logs, or code snippets).
  3. Maintain Confidentiality: Do not disclose vulnerabilities to the public or any third party without our explicit written consent.
  4. Contact Us Securely: Report vulnerabilities to [email protected] using the subject line: “Vulnerability Report.”
Recognition and Rewards
  • Researchers whose submissions are valid and impactful may receive public acknowledgment on our website or other platforms (subject to agreement).
  • Monetary rewards may be offered for high-risk or critical vulnerabilities, based on the scope and impact of the findings.
  • Non-monetary rewards, such as certificates of appreciation, may also be provided.
Legal Safe Harbor

We affirm that:

  • Researchers acting in good faith and adhering to this policy will not be subject to legal action.
  • Unauthorized or malicious activities outside the scope of this policy may lead to legal consequences under applicable laws.
How to Report a Vulnerability
  1. Identify a legitimate vulnerability within the scope outlined above.
  2. Document your findings in a clear and concise report.
  3. Submit your report to [email protected] with all relevant details.
  4. Await our acknowledgment, which will typically occur within 3-5 business days.
Final Notes

We deeply appreciate your contributions to our mission of securing the digital landscape. Your findings and efforts help us maintain the trust of our users and enhance the integrity of our systems. If you are ready to make a difference, join us in building a safer online world.