We take security seriously. If you discover a vulnerability in our systems, we want to hear from you. We reward valid reports based on severity and impact.
For Security Researchers
Bounty tiers
Confirmed vulnerabilities are rewarded based on their potential impact on our systems, users, and data. Reports must be reproducible and include clear steps to verify the issue.
LOW SEVERITY
$100
USD per valid report
Small Security Oversights
Minor misconfigurations, low-impact information disclosure, or issues that require unusual conditions to exploit with limited risk.
MEDIUM SEVERITY
$500
USD per valid report
Security Loopholes
Realistic vulnerabilities that could be exploited under realistic conditions, e.g., authorization bypasses, privilege escalation, or moderate data exposure.
HIGH SEVERITY
$1,000
USD per valid report
Critical Vulnerabilities
Remote code execution, authentication bypass, large-scale data exposure, or vulnerabilities with systemic impact across our infrastructure.
Reporting Process
How it works
From discovery to payout, the process is straightforward and researcher-friendly. We review every report and aim to respond within 72 hours.
01.
Discover
Identify a potential vulnerability within Jurin AI systems or services.
02.
Report
Email us with full details, steps to reproduce, and your impact assessment.
Confirmed, reproducible vulnerabilities that pose genuine risk to our systems, users, or data. Reports must include clear steps to reproduce, proof-of-concept where applicable, and your impact assessment. We value quality over quantity.
Out-of-Scope
What we don't cover
Social engineering, physical attacks, denial of service, issues already known to our team, vulnerabilities in third-party services outside our control, and reports generated solely by automated scanners without manual validation.
