Cookie
Eltima IBC uses cookies to personalize your experience on our website. By continuing to use this site, you agree to our cookie policy. Click here to learn more.

Bug Bounty Program

Privacy and security are among the top priorities of the Eltima IBC. In this regard, we’ve decided to launch a bug bounty program and reward those who help us create safe and reliable products. Although our specialists are doing their best in reducing all possible vulnerabilities to zero, yet, there is always a small chance that some of them were overlooked. Take part and receive a reward by reporting errors found in our system.

How we approach security issues

We are interested in information about vulnerabilities found in all our products. We encourage the public search of security issues and responsible disclosure, meaning that the Eltima IBC does not/won’t/isn’t going to sue users for reporting vulnerabilities. We are committed to partnering with those who have reported a potential threat as well as are eager to provide a complete list of steps taken to resolve the issues you’ve reported.

If the reported problem is critical and may harm us, we are ready to reward you (the amount of bounty depends on the potential damage). Submission should be made by following instructions below and according to the following bug bounty form.

Program Rules

Please do not disclose the vulnerability to anyone until we complete our investigation and fix the issue. As well as do not use the discovered security issue for purposes other than testing.

If you unintentionally gain unauthorized access to the data of another person or company, immediately cease any activity that could lead to further access to this data.

It is forbidden to perform any actions that could harm the reliability and integrity of our services and data. Do not carry out automated brute force attacks, denial of service attacks (DoS and DDoS), sending spam to our users, do not engage in social engineering and phishing of our employees.

We do not consider reports from security scanners and other automated scanning tools, as well as reports without demonstrating the real existence of the vulnerability.

Submit Vulnerability Report

You're about to submit a report to the Eltima IBC. Please remember to review our Policy and Disclosure Guidelines.
Proof of Concept
The proof of concept is the most important part of your report submission. Clear, reproducible steps will help us validate the issue at the earliest.