Security Program
Bug Bounty Program
LAST_UPDATED: January 26, 2026
Written Authorization
If you comply with the policies in this program, we consider your security research to be authorized. We will not take legal action against you or initiate a complaint to law enforcement for security research that is conducted within the scope of this policy.
We waive any relevant restrictions in our Terms of Service that would otherwise prohibit security research, provided that you act in good faith and follow the guidelines outlined below.
Program Scope
In-Scope
- *.ascenders.me
- ascenders.me
- Our Web Applications
- API Endpoints
Out-of-Scope
- Third-party services
- Physical security
- Social engineering
- Denial of Service (DoS)
Safe Harbor Rules
- 01.Do not cause harm to Ascenders or our users.
- 02.Do not access or modify data that does not belong to you.
- 03.Give us a reasonable amount of time to fix the issue before public disclosure.
- 04.Only use your own accounts for testing purposes.
Reporting
Found something? Send a detailed report to our security team. We acknowledge all legitimate reports and offer rewards for critical vulnerabilities.
Contact Security Team