At Warden, we take the security very seriously. However, sometimes vulnerabilities can slip through our checks. If you discover a vulnerability, we want to know about it so we can address it in order to better protect our users and systems.
We ask you not to take advantage of the vulnerability, not to tell others about it or use malicious methods to look for or exploit them.
Please email your findings with sufficient information about its impact and how to reproduce it to firstname.lastname@example.org, ideally encrypted using our PGP key to prevent information from falling into the wrong hands.
We will award an amount on a case by case basis depending on the severity of the issue. Please note that we only award one bounty per bug.
Any software issue that results in the loss/compromise of data for Warden or any of its customers. The most common examples are:
We can not reward bounties for things that are outside of our direct control, such as: