About

SecuriTeam Secure Disclosure (SSD) is a vulnerability disclosure program establish in 2007 by Beyond Security.

SSD acquires high end vulnerabilities in various stages of research, PoC and similar; affecting major operating systems, software, devices. SSD reports them to the vendors and to our clients.

You can read more about our scope: Scope and how to submit your research here: Submission Process.

We believe researchers need to get paid for their efforts, that’s why we (Beyond Security) will acquire your research (money guaranteed) and report the vulnerabilities for you. SSD was designed by researchers, for researchers and will give you the fast response and great support you need.

SSD works with Freelances, Companies, Full / Part time paid researchers and Researchers that have day jobs but on their free time hunt vulnerabilities. We have worked with many researchers / companies during the past 10 years and reported hundreds of vulnerabilities to vendors.

As part of our vulnerability disclosure program we publish the reported vulnerabilities as advisories in our blog.

Furthermore, SSD has established a community of skilled researchers. Through this community we can invest back in the researcher. This investment includes but is not limited to workshops / courses / software license / hardware / conferences – flights, entry tickets, accommodation.

The reason for us to do this investment is that we believe in long-term relationship with our researchers, and that if we will provide them with the tools, education and knowledge, they will find more vulnerabilities / advanced attack vectors and innovative ways to exploit them.

We are always looking for new researchers to join our community. That’s why we are promoting our “Friend Bring Friend” program. We offer $4,000 to researchers who refer us to a new security researcher that starts to work with us.

As part of our support for the international community, we frequently sponsor security conferences – both international and domestic – from Black Hat USA to community conferences such as DefCon Switzerland.

We are also proud to give technical and high-level security lectures, organize hacking competitions (Hack2Win), CTF events and much more.