Defined Terminology
Here, you will find definitions of terms used on the Remedy bug bounty platform.
Last updated
Bug bounty
Here, you will find definitions of terms used on the Remedy bug bounty platform.
Last updated
Valid
Valid reports are submissions that include real security vulnerabilities within the program’s defined scope.
Duplicate
Report containing the same valid issue, scope, and similar attack vector and impact that was previously submitted.
Invalid
A report is considered invalid if it does not describe a legitimate security vulnerability and/or represents a theoretical risk without a proper PoC.
Out of scope
The cases when the report is considered as out-of-scope:
The bug report does not align with the overall program asset type.
The report's severity level is out of scope.
The reported vulnerability type is listed in the “Out of Scope” section.
The domain of the reported bug
Is listed in the “Out of Scope” section;
Is not mentioned in the "Assets in Scope" section.
Low-quality report
Submission that does not meet the
Spam
Reports that are incomprehensible, AI-generated, abusive, or exhibit harassment, as well as those attempting to sell any product or service.
