feat: add bug bounty program #5039

johnrwatson · 2024-11-28T16:46:51Z

Adds bug bounty to System Initiative's Production Stack

keeb · 2024-11-28T18:12:19Z

BUG BOUNTY

+- **Ineligible Findings**: Specific exclusions from the policy.
+- **Scope**: Details about what assets are in scope and out of scope.
+
+System Initiative's Bounty Standards set expectations for both System Initiative and hackers when assessing the reward for a report. The standards begin with a relevant rating system such as CVSS for report assessments and then additionally consider additional adjustments ("bumps") for discrepancies between associated rating scores and actual business impact. This ensures more accurate correlations between vulnerability impact evaluations to reward bounties.


Could link to CVSS ratings here.

keeb

This looks great to me, added a minor suggestion. Nice!

feat: add bug bounty program

656c24d

johnrwatson requested review from adamhjk, stack72, mahirl and britmyerss November 28, 2024 16:48

keeb reviewed Nov 28, 2024

View reviewed changes

fix: bug bounty PR comments

1633693

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

feat: add bug bounty program #5039

feat: add bug bounty program #5039

johnrwatson commented Nov 28, 2024

keeb Nov 28, 2024

keeb left a comment

feat: add bug bounty program #5039

Are you sure you want to change the base?

feat: add bug bounty program #5039

Conversation

johnrwatson commented Nov 28, 2024

keeb Nov 28, 2024

Choose a reason for hiding this comment

keeb left a comment

Choose a reason for hiding this comment