Discover the Yugabyte Private Bug Bounty Program on HackerOne

We are excited to share details of our new private bug bounty program on HackerOne.

As part of our ongoing commitment to maintaining the highest security standards and to ensuring the integrity of our customers’ data, Yugabyte has partnered with HackerOne, the leading platform for security vulnerability coordination and bug bounty.

We are inviting a select group of ethical hackers to conduct real-time penetration testing on YugabyteDB Aeon, our PostgreSQL-compatible managed cloud database service.

Why Launch a Bug Bounty Program?

The Yugabyte bug bounty program capitalizes on the global security community’s expertise to strengthen YugabyteDB Aeon’s security posture. By inviting select security researchers and pentesters to uncover and report vulnerabilities, we can identify security issues and fix potential gaps before they affect our users.

Who Will Be Testing?

The Yugabyte bug bounty program is currently in a private phase to ensure high-quality, manageable submissions. Participation is by invitation only, allowing us to choose from, and collaborate with, selected researchers known for their skill and integrity in the cybersecurity field.

Rewards and Recognition

Yugabyte values the security community’s efforts in helping us protect and harden our systems. We offer competitive rewards for the responsible disclosure of verifiable security issues. Rewards will be determined by the severity of the bug, assessed under the Common Vulnerability Scoring System (CVSS).

Join Our Security Mission

We believe that collaboration is essential to building a secure and robust digital infrastructure. If you are a security researcher or pentester  and you think you can make a significant contribution to our program, we want to hear from you!

How to Participate

To request an invitation to our private bug bounty program, please email security@yugabyte.com with your HackerOne profile and share a brief account of your security testing background. We are excited to grow our community of security professionals and look forward to your valuable contributions.

To find out more about Yugabyte’s approach to end-to-end security, and our security mission and objectives, check out the Yugabyte Security and Trust Center.