Found a Security Exploit in Popular Software – Seeking Advice on Anonymous Reporting and Potential Rewards

Hi everyone,

I recently discovered a significant security exploit in a well-known software application. I'm keen to report this issue to the company's security team

However, I prefer to remain anonymous during this process. I have a few questions and would appreciate any advice or insights from those who have experience in this area:

  1. How can I report this exploit to the company's security team anonymously? Are there specific tools or methods recommended for maintaining anonymity while ensuring the report is taken seriously?
  2. What steps should I take to ensure the report is credible and detailed enough for the security team to act on it? Any tips on how to structure the report or what information to include would be very helpful.
  3. Is it common for companies to offer rewards or cash prizes for discovering and reporting security vulnerabilities? and what are the typical procedures for claiming such rewards? i mean to say that will i get any cash reward in return of that or what are the typical procedures for claiming such rewards?

will be grateful in advance for your help and guidance!

submitted by /u/Bubbly-Housing-393
[link] [comments]

from hacking: security in practice https://ift.tt/Nntw9BL

Comments