Kentico Xperience Private Bug Bounty Program
Today we're really excited to announce the opening of the Kentico Xperience Private Bug Bounty Program.
Kentico Xperience Private Bug Bounty Program
The Kentico Xperience Bug Bounty Program is an integral part of the company’s commitment and ongoing efforts to strengthen its own security posture and to improve transparency and communication with security researchers when it comes to cybersecurity.
Initially, we will be running the Kentico Xperience Bug Bounty Program privately, so if you want to participate in our program you'll need to follow our internal rules. We want to initially make sure that we are able to quickly triage and resolve issues at they come in before we open up the program more widely over the coming year.
To submit a bug for review, please follow our Bug Bounty Program terms.
Confidentiality
All information you receive or collect about Kentico Xperience through the Bug Bounty Program must be kept confidential and only used in connection to the Bug Bounty Program. You may not disclose or distribute any of such confidential information, including any information about security vulnerability issues you have submitted to the Bug Bounty Program, without our prior written consent.
Termination
In case you break the Bug Bounty Program terms, we may immediately terminate your participation in the program and disqualify you from receiving bounty rewards. We may also terminate your participation or disqualify you if we determine, at our sole discretion, that your continued participation in the program could adversely impact the company.
The Bug Bounty Program is subject to change or cancellation by Kentico Xperience at any time, without notice. We may amend the program terms by posting a revised version on our website. By continuing to participate in the Bug Bounty Program after we post any such changes, you accept the modified program terms.
We look forward to expanding our work with the security researcher community.