HostDime holds client privacy, security, and availability above all else; we welcome researchers to help us achieve these goals by identifying vulnerabilities via our Bug Bounty Program!
HostDime provides enterprises with bare metal and cloud server infrastructure. HostDime looks forward to working with the security community to find potential issues and exploits in this environment in order to keep our clients and their businesses safe and available.
If you believe you’ve encountered a security vulnerability in our server environment, please e-mail us at core.desk@hostdime.com and provide the following information:
- Type of vulnerability.
- Potential impact of vulnerability.
- Proof of concept or detailed description of steps taken to reproduce vulnerability.
- How vulnerability can be exploited.
We will review the bug and reply with details on eligibility for bounty and how to receive it. Upon discovery of a potential security issue, we’ll be sure to resolve the issue ASAP.
Bug Bounty Eligibility
HostDime will issue cloud credits based on the degree of meaningful impact.
Anyone is free to contribute to the bug bounty program. If you would like to receive a bounty payout, you must have a HostDime Cloud account so that we can deposit the cloud credits to your balance.
Bug Bounty Legality
- Do not take advantage of the vulnerability or problem you have discovered.
- Do not extract user data.
- Do not run any Denial of Service attacks against our infrastructure.
- Do not run any automated testing tools against our infrastructure.
HostDime reserves the right to modify, terminate, or discontinue this program at its discretion. Thank you for helping keep HostDime’s users safe and for strengthening our infrastructure!
If you have any questions about this program, please do not hesitate to reach out to jared.s@hostdime.com or feel free to open up a chat with our 24/7 in-house team!
Jared Smith is HostDime’s Director of Marketing.