SSD provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. SSD was designed by researchers, for researchers and will give you the fast response and great support you need to make top dollar for your discoveries. We are looking to acquire zero-day vulnerabilities, in different stages of research, affecting major operating systems, software, devices and report them to the vendors and to our clients. We believe researchers need to get paid for their efforts, that’s why we (Beyond Security) will acquire your research (money guaranteed) and report the vulnerabilities for you.

 

 

Scope

Products we are interested:

  • Operating systems: Windows / Linux / OSX
  • Mobile: iOS / Android
  • Web Browsers: ToR / Chrome / Safari / Edge / FireFox
  • Plugins / Readers: Flash / Adobe Reader / Microsoft Office
  • CMS: WordPress / Joomla / Drupal / vBulletin
  • Web Hosting Control Panel: cPanel / Plesk / PHPMyAdmin 
  • Web mails: Microsoft Exchange Server / Postfix / Zimbra / Roundcube / Atmail / SquirrelMail / Horde etc
  • Others: Protocols / Firewalls / Routers / PHP / AntiVirus / Mobile Baseband / NAS / DVR
  • Found vulnerability in something out of our scope? send us an email and we will search for a relevant buyer? ssd@beyondsecurity.com

 

Submission Process

  1. You send us a brief description of the vulnerability.
  2. We may follow up with questions.
  3. We sign a contract.
  4. You send us the vulnerability.
  5. Our technical team verifies the vulnerability.
  6. We contact the vendor.
  7. You get paid.
  8. The vulnerability is responsibly disclosed and published.


 

Q&A

How much can I earn from working with you? 

The amount paid to you depends on 2 different variables:

 

    • How widespread the software/hardware is; popular products typically reach higher amounts. 

 

    • How critical the vulnerability is. For example, if you find an unauthenticated arbitrary code execution vulnerability, you would be substantially paid higher than if you find Cross Site Scripting vulnerability.

 

What if I want to stay anonymous?
Fine by us! A lot of our researchers choose to stay anonymous. 
What is your policy regarding privacy and confidentiality of researcher's information?
We take the privacy of researchers very seriously and do not disclose to any third party (including to customers) any personal information about researchers such as names, aliases, email addresses, bank details, or any other personal or confidential information.

Which payment methods are available? We support various payment methods. Wire transfer, PayPal (up to $2000), Bitcoin, Gift cards, etc


What is the difference between SSD and Bug Bounties or other programs?

Money:

  • We are willing to pay more than bug bounties programs.
  • If a vendor doesn't have any bug bounty program - we will still acquire the vulnerability and report it to the vendor / our clients.
  • We believe researchers need to get paid for their effort and we are willing to offer higher rewards for researchers. We give another option to researchers, "Sell us your vulnerabilities and not to the black market."



Bureacracy:

  • We will handle all the reporting process for you.
  • We will publish your research.

 

How to submit my research?
Send us an email  ssd@beyondsecurity.com - It's that easy!


SSD community

As part of our vulnerability disclosure program we established a closed community where we invest a lot of resources to support the researchers who work with us. We believe in long-term investment and if we will provide the tools, education and knowledge to our researchers, they will find more vulnerabilities, advanced attack vectors and innovative ways to exploit them.

We sponsor researchers workshops, courses, software licenses, various hardware and conferences , flights, entry tickets, accommodation and more! We are always looking for new researchers to be part of our community. That's why we are promoting our “Refer a friend program”. We basically offer $4000 to researchers who refer us to a new security researcher that starts to work with us.

As part of our way to support the international community we sponsor security conferences around the world - from Black Hat USA to community conferences such as DefCamp Romania. We publish the vulnerability's technical information in our blog (blogs.securiteam.com), Twitter (@SecuriTeam_SSD) and vendor advisories. We also are proud to give lectures and hacking competitions at international security conferences.   

In 2016 we sponsored (in each conference our community researchers Attended):

  1. Hack In The Box
  2. Syscan
  3. Ekoparty
  4. Code Blue
  5. DefCamp
  6. HITCON

 

Vulnerability report template

1) Vulnerability Title

2) Date of submission

3) Description of Product (from vendor/site)

4) Description of Vulnerability
4.1) Title
4.2) Product
4.3) Version
4.4) Homepage
4.5) Binary Affected
4.6) Binary Version
4.7) Binary MD5

5) Configuration Requirements

6) Vulnerability Requirements

7) Vulnerability Summary Information
7.1) Vulnerability Class
7.2) Affected Versions Tested
7.3) Affected Versions Assumed (explain assumption)
7.4) Unaffected Versions
7.5) Affected Platforms Tested (Windows, Linux, 32bit, 64bit, 10 RS1, 10 RS2, 2016, Ubuntu, etc)

 

7.6) Reliability Rating (Percentage)
7.7) Supported Targets (In what environment your PoC/exploit works 32bit/64bit, Windows, Linux, etc)
7.8) Attack Vector (Client Side File, Remote LAN, etc)
7.9) Exploitation Impact (Code Execution, Denial of Service, etc)
7.10) Exploitation Context (runs on Server/ attacks User)
7.11) Exploitation Indicators (crash of product, product closes and shell executes, log file indicates crash, etc)
7.11.1) In case of a just a "crash", how to debug and see the crash
7.11.2) In case of an exploit, how to change the shellcode
7.12) Perquisites (enabling certain checkboxes, certain configuration settings)

8) CVSS Score (use http://nvd.nist.gov/cvss.cfm?calculator&version=2 )

9) Vulnerability Workaround (can the vulnerability be mitigated by enabling some feature)

10) Vulnerability Technical Details

11) Exploitation

12) Items delivered (a list of files provided with the submission, what they do and how to use them, if any third-party are needed to compile the exploit please provide a URL, or reference to it).