0330 122 3000
Security / Bug Bounty Program
Simwood endeavours to operate in a secure, accountable way. Our complex systems are routinely and extensively tested and audited but it is possible that new or unforeseen weaknesses occur. If you are researching sites for these vulnerabilities you may be able to assist us.
If you are a security researcher that has found a vulnerability in a Simwood service we want to hear from you. If your vulnerability report affects a service in a way that is within scope of our bounty program, you may be eligible for a bounty award. Submissions that give details of how to reproduce a vulnerability are preferred as they may make it faster for us to resolve any issue.
Simwood will make a reasonable judgement as to whether a report qualifies for a bounty, and the level and type of that bounty.
Services and domains in scope:
Please submit your report as soon as you have discovered a potential security issue. Please be succinct. If your research is working on production services you must not violate customer privacy, destroy data or do anything to cause an interruption to services. If in doubt, do not proceed and please contact us. You must not disclose the details of your report to 3rd parties.