Eligibility
Reported issues must adhere to the following criteria:
Relate to Avantra software products
Be completely disclosed to the Avantra team including steps to reproduce
Our team must be able to reproduce the disclosure in our lab using a standard configuration
The reported issue must be new (not already disclosed to Avantra)
The researcher must keep the details of the issue confidential until we have had a chance to reproduce, analyse and issue a fix to our customers*
The researcher must provide valid contact information for us to reach out and discuss or clarify the information provided.
These eligibility rules are meant to protect our customers until an update is available, ensuring Avantra can verify reports, create necessary updates and correctly reward those doing original research.
Bounty categories and payments
Please use the form on this page to get in touch to discuss your area of research. The payment amounts are determined by the level of access or execution achieved by the research. The exact payment amounts are determined after review by Avantra.
* We typically try to adhere to the industry standard of a 90-day non-disclosure period to allow for sufficient time to rectify the issue.
Discover
Deep dive
About us
Join us
