At FanDuel, our talented team of engineers and security specialists work non- stop to make our code as secure as possible. However, software without a single vulnerability simply does not exist in the real world. As our products evolve and technology advances, new vulnerabilities are bound to arise. Our Vulnerability Disclosure policy and partnership with HackerOne help us stay ahead of any potential problems.If you believe you've found a security issue in our product or service, we encourage you to notify us. Good luck and happy hunting!
05-April-19 - We have increased our bounty reward payments, with some severities being increased by as much as 50%
We believe our researchers should be acknowledged for their work. In addition to the bounty we have a FanDuel Security Hall of Fame, where researchers who have been awarded bounties are added to the Hall of Fame. The Hall of fame can be found here __
While researching, we'd ask you to refrain from:
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Thank you for helping keep FanDuel and our users safe!
Contact us if you want more information.