Vulnerability Disclosure Policy

Overview

At Proxidize Ltd, ensuring the safety and security of our customers, employees, and products is paramount.

We appreciate the security community’s efforts in responsibly identifying and reporting vulnerabilities. This policy outlines the procedures and guidelines for submitting vulnerabilities to us.

By submitting a vulnerability report, you acknowledge that you’ve read, understood, and agree to adhere to this policy.

Scope

You are authorized to test the following assets:

 

Out-of-Scope: Any services or domains not explicitly listed above.

Prohibited Activities

To protect our users and infrastructure, the following actions are strictly prohibited:

  • Denial of Service (DoS) or any form of service disruption.
  • Brute forcing or excessive rate-limiting tests.
  • Automated scans causing high volumes of traffic.
  • Social engineering attacks on employees, contractors, or partners.
  • Any activity resulting in disruption of our services or operations.

Legal Authorization

Proxidize Ltd commits to not pursuing legal action against individuals who responsibly disclose vulnerabilities under the following conditions:

  • Testing is conducted without causing harm or disruption to Proxidize Ltd, its customers, or third parties.

  • Vulnerability testing remains strictly within the defined scope above.

  • Researchers refrain from publicly disclosing vulnerabilities until Proxidize Ltd has fully remediated the issue and a mutually agreed-upon disclosure timeframe has passed.

  • Researchers comply with all applicable laws in their jurisdiction and the jurisdictions of Proxidize Ltd.

Engaging responsibly in vulnerability research under these conditions is considered authorized. Proxidize Ltd will actively support security researchers who adhere to these guidelines in case of third-party inquiries or legal challenges.

Reporting a Vulnerability

Submit your detailed vulnerability reports to: [email protected]

Reporting Requirements:

Please ensure your report includes:

  • Clear and detailed descriptions of the vulnerability.

  • Impact and risk assessments.

  • Steps to reproduce the vulnerability.

  • Proof-of-concept, ideally including screenshots or video.

  • Specific URLs and IP addresses involved during testing.

  • Any relevant information on how the vulnerability was discovered.

  • Your intended plan or expectations for public disclosure (subject to mutual agreement).

Reports should be written clearly in English. Reports containing proof-of-concept code and detailed reproduction steps will receive priority.

Our Commitment

Upon receipt of your report, Proxidize Ltd will:

  • Acknowledge your submission within 14 business days.

  • Clearly communicate throughout the review and remediation process.

  • Notify you upon successful validation and remediation.

  • Provide appropriate acknowledgment for validated vulnerabilities. Proxidize Ltd may, at its sole discretion, offer rewards based on the severity, exploitability, and overall impact of the vulnerability as determined during the review process.

Reward Scheme

We value the effort security researchers invest in making our platform safer. Based on industry standards and internal impact assessments, Proxidize may offer rewards aligned to the severity and exploitability of reported vulnerabilities. The following tiers are indicative:

Bronze Tier – Up to $250

  • Client-side Cross-Site Scripting (XSS)

  • Clickjacking with demonstrable risk

  • Access control issues exposing non-sensitive data

  • Insecure Direct Object References (IDOR)

 

Silver Tier – Up to $750

  • Stored or persistent XSS with user compromise potential

  • CSRF leading to account changes or unintended transactions

 

Gold Tier – Up to $1,500

  • Remote Code Execution (RCE) in Proxidize SDK

  • Unauthorized data extraction from production environments

  • Access control flaws exposing PII or non-public functionality

  • Privilege escalation within Proxidize-managed accounts

 

Platinum Tier – Up to $2,000

  • RCE on production infrastructure

  • Authentication bypass granting admin or infrastructure-level access

  • Chainable vulnerabilities resulting in full account or infrastructure compromise

 

Note: Final reward amounts will be determined by Proxidize Ltd and may vary depending on real-world impact, likelihood of exploitation, and report quality.

In the event of duplicated submissions, the first clear demonstration of a vulnerability will be credited.

We appreciate your commitment to responsible disclosure and the enhancement of security for Proxidize Ltd and its customers.
