Bug Bounty Program
Find a flaw, get rewarded.
We value the contributions of security researchers in helping us maintain a secure platform for our users. This program rewards individuals who discover and responsibly report vulnerabilities in our systems.
The program
How to take part.
Scope
Our bug bounty program covers the following domains and applications:
- willed.com.au
- app.willed.com.au
Rewards
We offer rewards based on the severity and impact of the reported vulnerabilities:
- Critical
- $1,000 – $5,000
- High
- $500 – $1,000
- Medium
- $100 – $500
- Low
- $50 – $100
Submission guidelines
Prepare a detailed report of the vulnerability you’ve discovered. Send your report via email to ryan@willed.com.au with the subject line ‘Bug Bounty Submission’. In your email, include:
- A clear description of the vulnerability
- Detailed steps to reproduce the issue
- Any relevant screenshots or proof of concept
- Your contact information for follow-up communication
Rules of engagement
Do not attempt to access or modify user data. Avoid denial-of-service attacks. Do not use automated scanning tools without permission. Report vulnerabilities promptly and keep findings confidential.
Legal
By participating in our bug bounty program, you agree to our terms and conditions. We provide safe harbour for security research conducted within the scope of this program.
Contact
For any questions or concerns, please contact our security team at ryan@willed.com.au.
Acknowledgements
We appreciate the efforts of all security researchers who contribute to making our platform more secure.