Dear KAUST Community,
We are excited to announce the upcoming launch of the KAUST Bug Bounty Program, an initiative to strengthen the security of our digital infrastructure.
By launching this Bug Bounty Program, we are committed to fostering collaboration with the community and leveraging the collective expertise to strengthen our defenses. Together, we can build a more resilient digital infrastructure at KAUST.
In our continuous efforts to ensure the utmost resilience and integrity of KAUST systems, we seek the assistance of talented security researchers and enthusiasts to help identify and mitigate potential vulnerabilities. Remember “Security is Everyone’s Responsibility.”
Program details
Eligibility: The program is exclusively open to the KAUST community.
Scope: Vulnerability assessment is limited to the website provided by KAUST’s Office of Information Security.
Bug categories: We are interested in identifying critical security vulnerabilities, including but not limited to:
- Cross-Site Scripting (XSS)
- Remote Code Execution (RCE)
- SQL Injection (SQLi)
- Privilege Escalation
- Information Disclosure
Responsible disclosure: All identified vulnerabilities must be reported responsibly, following ethical guidelines.
Detailed guidelines, rules of engagement, and a code of conduct will be provided to participants upon enrollment.
Register now to participate
- Register as a bug finder. (Registration will remain open for seven days only.)
- Identify the potential vulnerabilities in the scoped application.
- Comply with rules of behavior and disclosure process for the program.
Access to an expert Cybersecurity Training Platform is included.
Should you have any questions or require further information, please do not hesitate to contact our dedicated Bug Bounty Program team at cyber.events@kaust.edu.sa. Security is everyone’s responsibility and thank you for your dedication towards KAUST Information Security.
Best regards,
Office of Information Security
infosec.kaust.edu.sa
