Company
bentley.com
Program URL
https://www.bentley.com/legal/bug-bounty-report/
Contact
No response
Description
At Bentley Systems, we take the security of our systems and products seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users.
Rewards
Program type
bounty
Status
active
Safe harbor
No response
Allows disclosure
No response
Domains
All _.bentley.com subdomains
All Bentley Systems desktop products (Only CONNECT Edition and Later)
All Bentley Systems mobile apps (distributed only on Play and App stores)
All Bentley Cloud Applications and Services
All Bentley Open-Source Projects (including imodeljs.org)
Structured scope
No response
Out of scope
Bentley Systems’ Infrastructure (VPN, Mail Server, SharePoint, Skype, etc.)
Findings from physical testing, such as office access (e.g., open doors, tailgating)
Findings derived primarily from social engineering (e.g., phishing, vishing)
Findings from applications or systems not listed in the ‘Scope’ section
Any services hosted by 3rd-party providers and services
Obsolete/deprecated software
Obsolete/deprecated software
https://seequent.frontify.com/
https://events.seequent.com/
https://community.seequent.com/
https://lms.seequentlearning.com/
https://partners.seequent.com/
eventhub.bentley.com
On24 related issues
Excluded methods
Requires account
No response
Minimum payout
100
Maximum payout
1000
Currency
USD
Payout - critical
No response
Payout - high
No response
Payout - medium
No response
Payout - low
No response
Swag details
No response
Testing policy URL
No response
Response SLA days
No response
Disclosure timeline days
90
Legal terms URL
No response
Hall of fame URL
No response
Reporting URL
No response
PGP key URL
No response
Preferred languages
No response
Standards
No response
Confirmation
Company
bentley.com
Program URL
https://www.bentley.com/legal/bug-bounty-report/
Contact
No response
Description
At Bentley Systems, we take the security of our systems and products seriously, and we value the security community. The disclosure of security vulnerabilities helps us ensure the security and privacy of our users.
Rewards
Program type
bounty
Status
active
Safe harbor
No response
Allows disclosure
No response
Domains
All _.bentley.com subdomains
All Bentley Systems desktop products (Only CONNECT Edition and Later)
All Bentley Systems mobile apps (distributed only on Play and App stores)
All Bentley Cloud Applications and Services
All Bentley Open-Source Projects (including imodeljs.org)
Structured scope
No response
Out of scope
Bentley Systems’ Infrastructure (VPN, Mail Server, SharePoint, Skype, etc.)
Findings from physical testing, such as office access (e.g., open doors, tailgating)
Findings derived primarily from social engineering (e.g., phishing, vishing)
Findings from applications or systems not listed in the ‘Scope’ section
Any services hosted by 3rd-party providers and services
Obsolete/deprecated software
Obsolete/deprecated software
https://seequent.frontify.com/
https://events.seequent.com/
https://community.seequent.com/
https://lms.seequentlearning.com/
https://partners.seequent.com/
eventhub.bentley.com
On24 related issues
Excluded methods
Requires account
No response
Minimum payout
100
Maximum payout
1000
Currency
USD
Payout - critical
No response
Payout - high
No response
Payout - medium
No response
Payout - low
No response
Swag details
No response
Testing policy URL
No response
Response SLA days
No response
Disclosure timeline days
90
Legal terms URL
No response
Hall of fame URL
No response
Reporting URL
No response
PGP key URL
No response
Preferred languages
No response
Standards
No response
Confirmation