Ipolisi Engokuxela Iingxaki Ezikwiwebhsaythi

I-Paxful, Inc. (ikwabizwa ngokuba “yi-Paxful,” “thina,” “thina,” okanye “eyethu”) ithatha amanyathelo okuphucula imveliso yethu kunye nokunikezela ngezisombululo ezikhuselekileyo kubathengi bethu. Kule Polisi Yokuxela Iingxaki Ezikwiwebhsaythi (“I-Polisi”), sichaza iimeko ezifanelekileyo zenkqubo yethu ye-Bug Bounty ukuba isetyenziswe njani ngokunxulumene nokusebenzisa kwakho iiwebhusayithi zethu kuquka, kodwa kungaphelelanga, https://paxful.com/, iwalethi ye-Paxful, iplatfomu yethu ye-intanethi yorhwebo nge-bitcoin, usetyenziso lwefowuni, amakhasi onxibelelwano, okanye ezinye iipropathi ezikwi intanethi (ngokudineneyo, “iWebhusayithi”), okanye xa usebenzisa nayiphi na imveliso, iinkonzo, ikhontenti, iimpawu, itekhnoloji, okanye imisebenzi esinikela ngayo (ngokudibeneyo, “Iisevisi”). Le Polisi iyilelwe ukukunceda ufumane iinkcukacha malunga nokuba ungathatha inxaxheba njani kwiNkqubo yethu ye-Bug Bounty, ukuba zeziphi iziphumo zophando ezikhuselekileyo, nokuba zeziphi izibonelelo onokuzifumana. Nceda uqaphele ukuba ukubonelela ngeesevisi kwethu kuyahluka ngokwengingqi.

Kuzo zonke iinjongo, inguqulelo yesiNgesi yale polisi ye-bug bounty iya kuba sisixhobo sokuqala, esilawulayo. Kwimeko apho kukho ukungavisisani phakathi kwenguqulelo yolwimi lwesiNgesi yale polisi ye-bug bounty kunye naluphi na uguqulelo olulandelayo kulo naluphi na olunye ulwimi, inguqulelo yolwimi lwesiNgesi iyakuba yiyo esebenzayo.

Yintoni Inkqubo ye-Bug Bounty?

Ukuze kuphuculwe i-Paxful kunye neeSevisi, iNkqubo ye-Bug Bounty ka-Paxful ibonelela ngethuba kubasebenzisi bethu lokuba bafumane umvuzo xa befumana izinto zeteknoloji ezingasebenzi kakuhle.

Ungazazisa njani kuthi izinto ozifumeneyo ngeNkqubo ye-Bug Bounty?

Lonke unxibelelwano olunje lumele lubhekiswe ku [email protected] . Koko ukufakayo nceda ucacise inkcazelo epheleleyo yokuba uye wachanabeka kunye nobungqina obuqinisekileyo bokuba kukhona ukuchanabeka (ingcaciso / amanyathelo okuvelisa kwakhona / izikrinshoti / iividiyo / izikripthi okanye ezinye izinto).

Imithetho yeNkqubo

Ukophula nawuphi na kule mithetho kunokubangela ungayifanelekeli i-bounty.

  • Uvavanyo lobuthathaka kuphela kwiakhawunti ongumnini wayo okanye iiakhawunti onemvume evela kumnini akhawunti ukuba ungayivavanya.
  • Ungaze usebenzise okufumanisileyo ukuze ufikelele /ukhuphele idatha okanye uyise kwezinye sistim. Sebenzisa ubungqina bokuba iyasebenza into ukuze ubonise ukuba kukho ingxaki.
  • Ukuba inkcukacha ezibuthathaka ezifana neenkcukacha zomntu, iziqinisekiso, njl.. ziyafikelelwa njengenxalenye ezisesichengeni, akufuneki zigcinwe, zigqithiselwe, zifikelelwe, okanye zihanjiswe emva kokufunyanwa kuqala.
  • Abaphandi abanakho, kwaye abagunyaziswanga ukuba bazibandakanye naziphi na iintshukumo ezinokuthi ziphazamise, zonakalise okanye zonzakalise i-Paxful.
  • Abaphandi abanakho ukubhengeza esidlangalaleni ubuthathaka (babelane ngazo naziphi na iinkcukacha nokuba ngubani na ngaphandle kwabasebenzi abagunyazisiweyo be-Paxful), okanye babelane ngobuthathaka kunye namaqela esithathu, ngaphandle kwemvume ye-Paxful.

Siyivavanya njani imiba efunyenwe phantsi kweNkqubo ye-Bug Bounty?

Zonke iziphumo ziyavavanywa ngokusetyenziswa indlela esekelwe ngoko mngcipheko.

Isivumelwano Sokungadizi Izinto

Ngaphambi kokuba siqalise ukuthetha ngazo naziphi na iinkcukacha ezinxulumene nemiba eqinisekisiweyo othe wayifumana phantsi kweNkqubo ye-Bug Bounty, kuquka imbuyekezo, njl, kuya kufuneka ukuba ube neSivumelwano Sokungadizi Izinto kunye nathi.

Siyihlawula njani imivuzo yeNkqubo ye-Bug Bounty?

Yonke loo mivuzo injalo ihlawulwa yi-Paxful. Yonke imivuzo ingahlawulwa kuphela xa ingaphikisani nemithetho nemimiselo esebenzayo, oko kuquka izohlwayo kwezorhwebo kunye nezithintelo zoqoqosho kodwa kungaphelelanga apho.

Kuya kusithatha ixesha elingakanani ukuhlalutya iziphumo zakho zeNkqubo ye-Bug Bounty?

Ngenxa yobume obahlukeneyo nobunzima bemicimbi yezobuchwephesha, asikamiseli maxesha athile okuhlalutya iziphumo phantsi kweNkqubo ye-Bug Bounty. Uhlalutyo lwethu lugqityiwa kuphela xa siqinisekisile ubukho okanye ukungabikho bomngcipheko.

Zeziphi izinto ezingeyonxalenye yeNkqubo ye-Bug Bounty?

Ubuthathaka obuthile buthathelwa ingqalelo yokuba ngaphandle komda kwiNkqubo ye-Bug Bounty. Obo buthathaka buphandle komda buquka, kodwa bungaphelelanga:

  • I-Spam;
  • Ubuthathaka obufuna ukuqhatha abantu ukuze kufunyanwe iinkcukacha zabo/ubuqhetseba;
  • Uhlaselo lwe-DDOS;
  • Imiba eqikelelwa ukuba inokubakho kodwa ingenagalelo libambekayo;
  • Ubuthathaka Bezokhuseleko kwii-aplikeyshini zamaqela esithathu nakwiwebhusayithi zamaqela esithathu edityaniswe ne-Paxful;
  • Izinto eziveliswe siskena okanye iingxelo ezenziwe siskena;
  • Imiba efunyenwe ngovavanyo oluzenzekelayo;
  • Ukukhutshwa esidlangalaleni iingxaki kwisoftware ye-Intanethi zingadlulanga iintsuku ezingama-30 zokuxelwa kwazo;
  • Ukuqhawulela unxibelelwano oluphakathi kwamaqela amabini;
  • Ukufakwa komphathi okhekelayo ngaphandle kwenkcazo ethile, kwempembelelo ebonakalayo;
  • I-Self-XSS, equka nayiphi na i-payload engeniswa lixhoba;
  • I-CSRF yokuloga ungene/loga uphume;

Inkcazelo Engakumbi

Ukuba ufuna iinkcukacha ezingakumbi malunga nale Polisi, ungaqhagamshelana nathi nge-imeyili [email protected].