Envizage is proactively enhancing our security to identify new threats and ensure the security and safety of our customers, partners, suppliers, employees and the organization overall. Our rewards are based on the severity of a vulnerability. Please note, however, that reward decisions are up to the discretion of Envizage. Issues may receive a lower severity due to the presence of compensating controls and context.

Program Rules:

Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue will not be accepted. In order to help us triage and prioritize submissions, Envizage recommends that vulnerability reports:

Any information you receive or collect about Envizage, Envizage’s systems, or any of our users, employees, or agents in connection with the Bug Bounty Program (“Confidential Information”) must be kept confidential and only used in connection with the Bug Bounty Program. You may not use, disclose, or distribute any such Confidential Information, including without limitation any information regarding your Submission, without our prior written consent. Please note, not all requests for public disclosure can be approved. By making a Submission, you give us the right to use your Submission for any purpose.

General Rules:

Out-of-Scope Issues:

In-scope domains:

Thank you for helping keep Envizage safe!