45466 policies in database
Link to program      
2018-05-29
2020-04-23
Blue Jeans Network logo
Thank
Gift
HOF
Reward

Reward

Blue Jeans Network

BlueJeans takes the security, integrity, availability of the service, and the privacy of our users seriously. We appreciate all security concerns brought forth and are constantly striving to keep on top of the latest threats. Being proactive rather than reactive to emerging security issues is a fundamental belief at BlueJeans. Every day new security issues and attack vectors are created. BlueJeans strives to keep abreast of the latest state-of-the-art security developments by working with security researchers and companies. We appreciate the community's efforts in creating a more secure world.

Rules of engagement:

We are interested in hearing about security issues in production BlueJeans sites and our client software applications. These in-scope, production assets have been listed below under 'Targets'. That said, there are some things we explicitly ask you not to do:

  • Do not run automated scans without checking with us first. They are often very noisy.
    • If running any automated testing tools, be sure to keep well under 100 requests per second - otherwise you're likely to get locked out.
  • Do not test the physical security of BlueJeans offices, employees, equipment, etc.
  • Do not test using social engineering techniques (phishing, vishing, etc.)
  • Do not perform DoS or DDoS attacks.
  • In any way attack our end users, or engage in the trade of stolen user credentials.
  • In any way disrupt our customers

This program adheres to the Bugcrowd Vulnerability Rating Taxonomy for the prioritization/rating of findings.

Scope and rewards

Program rules

This program follows Bugcrowd’s standard disclosure terms.

For any testing issues (such as broken credentials, inaccessible application, or Bugcrowd Ninja email problems), please email support@bugcrowd.com. We will address your issue as soon as possible.

This program does not offer financial or point-based rewards for P5 — Informational findings. Learn more about Bugcrowd’s VRT.

In Scope

Scope Type Scope Name
android_application

BlueJeans Android Application

android_application

https://github.com/bluejeans/android-client-sdk

api

https://api.bluejeans.com/

ios_application

BlueJeans iOS Application

undefined

BlueJeans Mac Client

undefined

BlueJeans Windows Client

web_application

https://bluejeans.com/

web_application

https://a2m.bluejeans.com

web_application

https://huddle.bluejeans.com

web_application

https://primetime.bluejeans.com

web_application

https://static.bluejeans.com/

web_application

https://www.bluejeans.com/

web_application

BlueJeans Browser-based Web Meeting Clients

Out of Scope

Scope Type Scope Name
web_application

https://a.bluejeans.com/

web_application

https://community.bluejeans.com

web_application

https://hub.bluejeans.com

web_application

https://www-a.bluejeans.com/

web_application

https://www-dev.bluejeans.com/


The progam has been crawled by Firebounty on 2018-05-29 and updated on 2020-04-23, 119 reports have been received so far.

FireBounty © 2015-2024

Legal notices | Privacy policy