Cobalt bug bounty programCobalt bug bounty programCobalt bug bounty program

Square thumb cobalt 29d6c232a4f2057ee39c984cecff4b948bf86900d4877b425acb303d4ef9f5c4

Cobalt

Connected Intelligent Security

#CC1

Targets in scope

Description

The objective of this program is to identify vulnerabilities on the Cobalt platform. Vulnerabilities of special interest include:

  • Unauthorized access to vulnerabilities.
  • Access to admin functionalities.
  • Information leaks.

Please use Dummy Program One for testing on Cobalt. You can create test vulnerabilities on the dummy program as part of your research. Please target your own account when investigating a vulnerability.

Out of scope

  • Missing HttpOnly flags, Secure flag, Browser Cache vulnerabilities.
  • Social engineering, DOS/DDOS and usability issues.
  • Vulns related to 3rd-party software (Javascript plugins etc.) are not in scope.

Platform

  • Ruby on Rails, Cloudflare, Heroku

The terms for running and engaging in a security program always apply.

Specs

  • Rewards

    High: $1,500
    Medium: $300
    Low: $100

  • Disclosure Rules

    Responsible disclosure

  • Access Level

    Open for all

  • Response Time / Rate

    2 - 7 days / 100%

  • Researcher Feedback

    Average of all evaluations

Response Time per week
Last 6 months weekly

Latest announcements

Square thumb cobalt 29d6c232a4f2057ee39c984cecff4b948bf86900d4877b425acb303d4ef9f5c4
Cobalt posted an update

Hi! Announcements like this one, should help team members let you know of updates, changes, or new features like this one. This is so that you have a better idea of were there could be vulnerabilities to uncover! We hope you like it!

Oh, and by the way, this announcement is a new feature, so use the big blue button above if you find any vulnerabilities in it!

Square thumb cobalt 29d6c232a4f2057ee39c984cecff4b948bf86900d4877b425acb303d4ef9f5c4
Cobalt posted an update

See our historic response time on new submissions here: https://cobalt.io/cobalt/response-time

Earlier this week

Cobalt closed a report from Bishalshrestha
Gravatar
Bishalshrestha submitted a report

Earlier this month

Cobalt closed a report from hammer_94
Small thumb whitehat94
hammer_94 submitted a report
Small thumb ru94mb1 369c984d7165099b3d6086f0be09e6522dc1f8c1a56cf914c6f9581c151f4cd2
ru94mb submitted a report
Cobalt closed a report from whitehattushu1
Cobalt closed a report from Goku
Small thumb goku
Goku submitted a report
Cobalt closed a report from ooorrraaaxxxooo
Gravatar
ooorrraaaxxxooo submitted a report
Cobalt closed a report from Shubham-Raj

February

Cobalt closed a report from monish
Small thumb monish 4f213c8ad25ae2189d9280a3de9aadab63ccb7be2c64addde5978724bf1ff167
monish submitted a report
Small thumb shubham raj
Shubham-Raj submitted a report
Cobalt rewarded dsopas with a bounty and 3.6 Rep
Cobalt closed a report from monish
Gravatar
whitehattushu1 submitted a report
Cobalt closed a report from lccunha
Small thumb lccunha
lccunha submitted a report
Cobalt closed a report from Arbin