At Octerra, we prioritize the security and integrity of our software and the safety of our users. To ensure our platform remains robust and resilient, we invite security researchers, ethical hackers, and anyone with a knack for finding vulnerabilities to participate in our Bug Bounty Program. Your efforts help us maintain the highest standards of security, and we value your contribution immensely. To register as a good-faith security researcher, please submit requests to security@octerra.com.
Third-Party Bugs
If issues reported to our Bug Bounty Program affect a third-party, external project, or another vendor, Octerra reserves the right to forward details of the issue to that party. We will do our best to coordinate and communicate with researchers throughout this process.
Responsible Disclosure Submission Guidelines
We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To ensure a smooth and effective process and encourage responsible reporting, please follow these guidelines when submitting your findings:
- Detailed Report: Provide a clear and concise description of the vulnerability, including steps to reproduce and validate the issue.
- Proof of Concept: Include any necessary code, screenshots, or videos that demonstrate the vulnerability.
- Impact Assessment: Explain the potential impact of the vulnerability and how it can be exploited.
We further ask that you:
- Do not exploit the vulnerability beyond what is necessary to confirm its existence.
- Do not disclose the vulnerability publicly.
- Do not modify or access data that does not belong to you.
- Respect user privacy and data confidentiality during your testing.
Rewards
We offer rewards based on the severity and impact of the reported vulnerabilities. Rewards are granted at the discretion of the Octerra security team, based on the impact and quality of the report.
How to Submit
Please submit your vulnerability reports via our dedicated security email: security@octerra.com. Ensure that your report is encrypted if it contains sensitive information. We will acknowledge receipt of your report within 1-2 business days and provide regular updates as we investigate and address the issue.
Legal
Your participation in the Bug Bounty Program must adhere to our Terms of Use and Privacy Policy and may require the signing of a Non-Disclosure Agreement. Any activities that are illegal, violate user privacy, or disrupt our services will disqualify you from receiving a reward and may result in legal action.
Contact Us
If you have any questions about the Bug Bounty Program or need further clarification, please reach out to our security team at security@octerra.com.
Thank you for helping us keep Octerra secure!