At Simplesat, we take the security of our systems seriously. While we strive to build secure software, we also acknowledge that no system is entirely foolproof. That's why we invite the security community to help us identify vulnerabilities through our Bug Bounty Program.
Scope
The Bug Bounty Program covers the following domains and applications:
www.simplesat.ioapp.simplesat.iosurvey.simplesat.ioAny other service hosted under the
simplesat.iodomain
Out of Scope:
Third-party services
Social engineering attacks
Physical attacks against Simplesat offices
Reporting a Bug
To report a bug, please send an email to [email protected] with the following information:
Description of the vulnerability
Steps to reproduce
Potential impact
Your contact information
Rewards
While we currently do not offer monetary rewards, we greatly appreciate your contribution. All valid bug submissions will be reviewed promptly, and we will keep you updated on the status of your report.
Disclosure Policy
In order to make sure all of our customers stay informed of potential security events and vulnerabilities and security improvements, we will disclose security information related to the event or bug to all of our application's users within a suitable timeframe. Any independent security researcher that discovers a vulnerability within our software should notify us first and avoid broadcasting this information either publicly or to other third parties.
Legal
By participating in Simplesat's Bug Bounty Program, you agree to abide by all applicable laws and regulations. Simplesat reserves the right to disqualify participants who violate these rules.