bug bounty program

We recognize the value external security researchers can bring to ConfigCat's security.

The Bug Bounty Program is closed!

  • YOU MUST NOT USE BRUTE FORCING TOOLS ON OUR PRODUCTION INFRASTRUCTURE.
  • YOU MUST NOT USE SCANNERS, FUZZERS OR ANY AUTOMATED TOOLS TO FIND VULNERABILITIES.
  • YOU MUST NOT SIMULATE DOS OR USE LOAD TESTING TOOLS ON OUR PRODUCTION INFRASTRUCTURE.