Announcing Optimizely's Security Bug Bounty Program!
Today, we are very excited to announce our security bug bounty program with Crowdcurity. We recognize the important contributions the security research community can make when it comes to finding bugs. To show our appreciation for researchers who help us keep our users safe, we operate a reward program for responsibly disclosed vulnerabilities. A minimum reward of $100 USD and up to $1000 USD may be provided for the disclosure of qualifying bugs. At our discretion, we may increase the reward amount based on the creativity or severity of the bugs.
If you report a vulnerability that does not qualify under the above criteria, we may still provide a minimum reward of $100 USD if your report causes us to take specific action to improve Optimizely's security.
We rapidly investigate all reported security issues. We will respond as quickly as possible to your report. We request that you not publicly disclose the issue until it has been addressed by Optimizely.
To learn more, check out Optimizely's Bug Bounty Program.
-Kyle Randolph, Optimizely Staff Security Engineer