PD/ONE : Vulnerability Reporting Program

"I'm only human. Of flesh and blood, I'm made... Born to make mistakes."

- Human, The Human League, 1986

Practical Data embraces the idea that we all human. Mistakes will be made, but we can rely on each other to make the world a better place. Our vulnerability reporting program provides a path for security researchers and freelancers to report issues and potentially receive a reward for their contribution to the ongoing security of our services.

How we Classify and Prioritize

Practical Data uses Bugcrowd's Vulnerability Rating Taxonomy (https://bugcrowd.com/vulnerability-rating-taxonomy) as our initial guide for prioritizing and classifying vulnerabilities. Please note that this is used as guide for classification, but our team will ultimately determine the priority and severity of any reported issues.

How to Submit a Report

Please email us at "vulnerability@practicaldata.com"

Eligible Sites

Many sites/domains use our PD/ONE services. Reports relating to the security of any of our services running on those sites should be reported here. You may have reached this page after being referred by a site (domain) that uses our software. Please work directly with us to report your vulnerability.

In the event that the reported vulnerability is not related to our software, we will refer the issue to the site in question so that they can handle it or refer it to the correct partner.

Qualifying Vulnerabilities

To be eligible, you must provide a demonstrable security issue with example code to reproduce the issue.

Qualifying issues include:

Issues that do not qualify include:

Rules (for you)

Rules (for us)

Rewards

Based on the severity of the bug (based on our sole discretion), we offer the following rewards:

Severity P1: $600

Severity P2: $250

Severity P3: $100

Severity P4 & P5: A heartfelt "thank you" and potentially some reward if our team thinks it is warranted.

1,000+ Merchants Served Since 2002
Connect
Receive our lastest offers, tips and updates in your email!
Want to learn more?
Schedule an informative online demo to give us a test drive.
2022 Practical Data, Inc. Privacy Policy Terms of Service