|Scope Type||Scope Name|
Security is a top priority at Backblaze. We believe that no technology is perfect and that working with skilled security researchers across the globe is crucial in identifying weaknesses in our technology. If you believe you've found a security bug in our service, we are happy to work with you to resolve the issue promptly and ensure you are fairly rewarded for your discovery.
If you have questions about the Backblaze service or are trying to get help with your own Backblaze account, please visit our support page __for assistance. Here are a few relevant resources that may come in handy while doing your research:
We have six main areas that we invite our hackers to test.
We are most interested in remote code execution vulnerabilities and leaks of personal information (authentication/authorization bypasses). We request that researchers focus on these critical areas. Backblaze reserves the right to decide if an issue meets the minimum severity threshold, and whether it is a duplicate of an earlier report.
To qualify for a reward under this program, you should:
Because we are most interested in remote code execution vulnerabilities and leaks of personal information (authentication/authorization bypasses), not all issue types/techniques are included in the scope of our program at this time. Please be aware of the following scope exclusions before beginning your research and submitting any reports.
Thank you for helping keep Backblaze safe!