Company
foundation.xyz
Program URL
https://foundation.xyz/responsible-disclosure/
Contact
security@foundation.xyz
Description
Foundation Devices, Inc. (“Foundation”) creates hardware, firmware, software, websites, and web-based services for customers, users, and employees. Foundation expends significant time and effort to ensure that these are all safe and secure. If you believe that you have found an issue or vulnerability, however, the bug bounty program below describes the actions you should take to report the issue, and under what conditions Foundation will pay out bug bounty rewards.
Rewards
Program type
bounty
Status
active
Safe harbor
No response
Allows disclosure
true
Domains
foundation.xyz
Primary e-commerce domain above, checkout functionality, WooCommerce admin areas
Structured scope
No response
Out of scope
Any service hosted at a domain outside of this list will not be considered relevant to this bug bounty program, with the following exception:
Access to systems hosted by a 3rd party infrastructure provider, which has been deemed relevant to the hosting and securing of services at the domains listed above. The vulnerability must be addressable by our engineers. Foundation reserves the right to make this determination at its sole discretion.
Excluded methods
Requires account
No response
Minimum payout
No response
Maximum payout
No response
Currency
USD
Payout - critical
500
Payout - high
200
Payout - medium
100
Payout - low
50
Swag details
No response
Testing policy URL
No response
Response SLA days
No response
Disclosure timeline days
No response
Legal terms URL
No response
Hall of fame URL
No response
Reporting URL
No response
PGP key URL
No response
Preferred languages
No response
Standards
No response
Confirmation
Company
foundation.xyz
Program URL
https://foundation.xyz/responsible-disclosure/
Contact
security@foundation.xyz
Description
Foundation Devices, Inc. (“Foundation”) creates hardware, firmware, software, websites, and web-based services for customers, users, and employees. Foundation expends significant time and effort to ensure that these are all safe and secure. If you believe that you have found an issue or vulnerability, however, the bug bounty program below describes the actions you should take to report the issue, and under what conditions Foundation will pay out bug bounty rewards.
Rewards
Program type
bounty
Status
active
Safe harbor
No response
Allows disclosure
true
Domains
foundation.xyz
Primary e-commerce domain above, checkout functionality, WooCommerce admin areas
Structured scope
No response
Out of scope
Any service hosted at a domain outside of this list will not be considered relevant to this bug bounty program, with the following exception:
Access to systems hosted by a 3rd party infrastructure provider, which has been deemed relevant to the hosting and securing of services at the domains listed above. The vulnerability must be addressable by our engineers. Foundation reserves the right to make this determination at its sole discretion.
Excluded methods
Requires account
No response
Minimum payout
No response
Maximum payout
No response
Currency
USD
Payout - critical
500
Payout - high
200
Payout - medium
100
Payout - low
50
Swag details
No response
Testing policy URL
No response
Response SLA days
No response
Disclosure timeline days
No response
Legal terms URL
No response
Hall of fame URL
No response
Reporting URL
No response
PGP key URL
No response
Preferred languages
No response
Standards
No response
Confirmation