From 638c2a86756f76a5482698af66ab7813bfc9242a Mon Sep 17 00:00:00 2001 From: vinckr <vincent@ory.sh> Date: Mon, 13 Jan 2025 12:05:51 -0300 Subject: [PATCH 1/2] chore: research guidelines bug bounty --- docs/ecosystem/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/ecosystem/security.md b/docs/ecosystem/security.md index c1729d0bb..f72cabf02 100644 --- a/docs/ecosystem/security.md +++ b/docs/ecosystem/security.md @@ -62,7 +62,7 @@ Prohibited activities: - social engineering like phishing, vishing, or smishing - security scanning with more than 5 QPS against Ory domains -- any activity that leads to disruption of our service longer than 5 minutes +- any activity that leads to disruption of Ory services ### What can you report From a0a64a279265d46616847ec9583460bf475f22b2 Mon Sep 17 00:00:00 2001 From: vinckr <vincent@ory.sh> Date: Mon, 13 Jan 2025 12:07:19 -0300 Subject: [PATCH 2/2] chore: research guidelines bug bounty --- docs/ecosystem/security.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/ecosystem/security.md b/docs/ecosystem/security.md index f72cabf02..20d5946c1 100644 --- a/docs/ecosystem/security.md +++ b/docs/ecosystem/security.md @@ -60,9 +60,11 @@ holder. Prohibited activities: -- social engineering like phishing, vishing, or smishing -- security scanning with more than 5 QPS against Ory domains -- any activity that leads to disruption of Ory services +- creating failing/incomplete subscriptions to paid plans in Ory Network for example with incomplete or fake credit card + information. +- social engineering like phishing, vishing, or smishing. +- security scanning with more than 5 QPS against Ory domains. +- any activity that leads to disruption of the Ory Network service for customers. ### What can you report