Bug Bounty Program
Cory Brown avatar
Written by Cory Brown
Updated over a week ago

At Simplesat, we take the security of our systems seriously. While we strive to build secure software, we also acknowledge that no system is entirely foolproof. That's why we invite the security community to help us identify vulnerabilities through our Bug Bounty Program.


The Bug Bounty Program covers the following domains and applications:

  • www.simplesat.io

  • app.simplesat.io

  • survey.simplesat.io

  • Any other service hosted under the simplesat.io domain

Out of Scope:

  • Third-party services

  • Social engineering attacks

  • Physical attacks against Simplesat offices

Reporting a Bug

To report a bug, please send an email to [email protected] with the following information:

  • Description of the vulnerability

  • Steps to reproduce

  • Potential impact

  • Your contact information


While we currently do not offer monetary rewards, we greatly appreciate your contribution. All valid bug submissions will be reviewed promptly, and we will keep you updated on the status of your report.

Disclosure Policy

In order to make sure all of our customers stay informed of potential security events and vulnerabilities and security improvements, we will disclose security information related to the event or bug to all of our application's users within a suitable timeframe. Any independent security researcher that discovers a vulnerability within our software should notify us first and avoid broadcasting this information either publicly or to other third parties.


By participating in Simplesat's Bug Bounty Program, you agree to abide by all applicable laws and regulations. Simplesat reserves the right to disqualify participants who violate these rules.

Did this answer your question?