Hari Iyer | SyncEzy

Hari Iyer | SyncEzy

CEO
  • Reading Icon 3 Min Read
  • Reading Icon Jul 15, 2024
SyncEzy Bug Bounty Program

SyncEzy Bug Bounty Policy

At SyncEzy, we take the security and reliability of our integrations seriously. We value the efforts of the security research community in helping us maintain high standards of security. If you discover a vulnerability in our systems, we encourage you to report it to us so we can address it promptly. As a token of our appreciation, we offer rewards for valid reports that help improve our services.

Bug Bounty Reward Categories

P1 (Critical) – US$100 Reward:

Vulnerabilities that can lead to unauthorized access to user data, execution of malicious code, or severe disruption of service.

Examples: Remote Code Execution, SQL Injection, Authentication Bypass, etc.

P2 (High) – US$50 Reward:

Vulnerabilities that can have a significant impact but may require user interaction or certain conditions to be exploited.

Examples: Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Privilege Escalation, etc.

Reporting Guidelines:

Ensure that your report is clear and detailed. Include steps to reproduce the issue, proof of concept, and any relevant screenshots or logs.

Do not exploit the vulnerability beyond what is necessary to demonstrate its existence.

Avoid violating the privacy of our users, disrupting our services, or destroying data.

Minor issues or spurious reports that do not pose a significant risk will not be eligible for rewards.

The Decision of SyncEzy management on the severity of the bug report would be final, we are happy to engage with Independent security analysts but bounties would only be paid for P1 and P2 bugs where you have made a clear and full disclosure.

Do not report Syncezy.com WordPress site, Contact forms, Chatbot inputs and other basic errors, these do not qualify for the bug bounty.

The Bug bounty program exists to make our integrations platform secure, any reports that are not directly related to that will not quality for the bounty.

SyncEzy reserves the right to decide what is and isn’t a qualifying bug for the program, irrespective of any changes we make based on the reports. Our team’s decision on the reports is final. We may change the reward or the policy as required by the business.

How to Report:

To report a vulnerability, please use this contact form

Include the following information:

A detailed description of the vulnerability.

Steps to reproduce the issue.

Your contact information for us to follow up with any questions and to deliver the reward if applicable.

Thank you for helping us keep SyncEzy secure!

Author

Hari Iyer | SyncEzy
Hari Iyer | SyncEzy
CEO

Hari Iyer is the Founder and CEO of SyncEzy, a pioneering company at the forefront of data integration and automation solutions. With a deep understanding of the power of technology and a passion for solving complex business challenges, Hari has emerged as a visionary leader in the industry. His relentless pursuit of excellence and commitment to delivering tangible results have earned SyncEzy a loyal global clientele.

He is not only a successful entrepreneur but also an active contributor to the technology community, sharing his insights through thought leadership articles, speaking engagements, and mentorship programs. Hari’s ability to navigate the complexities of remote work serves as an inspiration for leaders, highlighting the importance of flexibility, work-life balance, and a results-oriented approach in today’s evolving work landscape.

Under his guidance, SyncEzy has gained widespread recognition for its deep integration solutions that seamlessly connect software applications, eliminate data silos, and enhance operational efficiency.

When not working, Hari is trying to be a better father, reading tech news, playing FPS games, and not exercising as he should.