In order to be eligible for a bounty, your submission must be accepted as valid by LockDown. We use the following guidelines to determine the validity of requests and the reward compensation offered.
Security is of utmost importance to LockDown. In pursuit of the best possible security for our service, we welcome responsible disclosure of any vulnerability you find in LockDown. Principles of responsible disclosure include, but are not limited to:
* In the event that you take any of the actions outlined in “Acceptable Use of Services” of the LockDown Terms of Service and act in a way that violates any of the principles of responsible disclosure set forth above or otherwise shows malicious intent as determined by LockDown, such actions will be deemed a breach of LockDown’s Bug Bounty Program and Terms of Service, and LockDown may pursue any remedies available to it under applicable law.
Our engineers must be able to reproduce the security flaw from your report. Reports that are too vague or unclear are not eligible for a reward. Reports that include clearly written explanations and working code are more likely to garner rewards.
In order to be eligible for a bounty, your submission must be accepted as valid by LockDown. We use the following guidelines to determine the validity of requests and the reward compensation offered.
More severe bugs will be met with greater rewards. We are most interested in vulnerabilities with LockDown for iPhone, LockDown for Android, LockDown for MacOS, LockDown for Windows and getlockdown.com. Other subdomains of LockDown are generally not eligible for rewards unless the reported vulnerability somehow affects LockDown apps or LockDown business customer data.
Please email us at [email protected] with any vulnerability reports or questions about the program.