Dropsuite is committed to keeping our customers’ data and systems secure. We reward responsible disclosures of vulnerabilities according to our Bug Bounty Program. Our Bug Bounty Program is open to the public, to avoid any misunderstandings, we assume that you have read and understood these guidelines if you participate in our program.
To be eligible for the Program, you must not:
You must be reporting in an individual capacity. Dropsuite maintains the sole discretion to determine eligibility. If we determine that your Submission is eligible and offer an award, we will notify you of the amount and provide you with paperwork that must be completed before we can provide the award payment.
The final reward amount is solely determined by Dropsuite team consisting of our technical staff and is based on the estimated risk posed by the vulnerability. The current reward range is from USD 50 to USD 1,000.
If you report several issues that are duplicates in different parts of the service (e.g., the same code running on different nodes or platforms), or part of a larger issue, these may be combined into one and only one reward may be paid.
The following list provides several bug classes and their corresponding bounty.