Kenna Security is a leader in risk-based vulnerability management. The Kenna Security Platform enables organizations to measure, prioritize, and predict cyber risk. Kenna leverages Cyber Risk Context Technology™ to track and predict real-world exploitations, focusing security and IT operations teams on what matters most.
Last updated 11 Nov 2019 21:23:33 UTC
Technical severity | Reward range
---|---
p1 Critical | $3,000 - $4,500
p2 Severe | $1,500 - $1,750
p3 Moderate | $150 - $300
p4 Low | $50 - $100
P5 submissions do not receive any rewards for this program.
Target name | Type
---|---
https://[your-subdomain].kennasecurity.com
| Website
<https://www.kennasecurity.com>
| Website
<https://api.kennasecurity.com>
| API
Any Host Verified To Be Owned By Kenna (Domains/IP space/etc.)
| Other
Target name | Type
---|---
Any Kenna Security Platform Subdomain Not Created By You
| Website
Researcher Platform Sign-Up:
https://app.kennasecurity.com/signup?bugcrowd
DO NOT USE THE KENNA SECURITY SIGNUP PAGE WITHOUT ?bugcrowd
IN THE URL.
If issues reported to our bug bounty program affect a third-party library, external project, or another vendor, Kenna Security reserves the right to forward details of the issue to that party without further discussion with the researcher. We will do our best to coordinate and communicate with researchers through this process.
We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To encourage responsible reporting, we will not take legal action against you nor ask law enforcement to investigate you provided you comply with the following guidelines:
This program follows Bugcrowd’s standard disclosure terms.
This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.
Scope Type | Scope Name |
---|---|
other | Any Host Verified To Be Owned By Kenna (Domains/IP space/etc.) |
web_application | https://[your-subdomain].kennasecurity.com |
web_application | https://www.kennasecurity.com |
web_application | https://api.kennasecurity.com |
Scope Type | Scope Name |
---|---|
web_application | Any Kenna Security Platform Subdomain Not Created By You |
This programe feature scope type like web_application.
FireBounty © 2015-2019