Security Research

Bug Bounty Program

Help us keep Zof AI secure. Report vulnerabilities responsibly and earn rewards.

Submit a ReportSecurity Overview
Security Research
Reward Levels
Critical$5,000 - $15,000
High$1,000 - $5,000
Medium$250 - $1,000
Low$50 - $250

  • $5,000 - $15,000

    Critical

  • $1,000 - $5,000

    High

  • $250 - $1,000

    Medium

  • $50 - $250

    Low
Reward Levels

Reward Levels Priority

Send your report to security@zof.ai with detailed reproduction steps. We will respond within 48 hours.

Critical

$5,000 - $15,000

RCE, Auth bypass, Data breach

High

$1,000 - $5,000

SQLi, XSS (stored), SSRF

Medium

$250 - $1,000

CSRF, Info disclosure, Privilege escalation

Low

$50 - $250

Open redirect, Clickjacking, Missing headers

In Scope

In Scope

Testing Guidelines

DomainDescriptionPriority
appMain applicationCritical
apiAPI endpointsCritical
websiteMarketing websiteHigh
docsDocumentationMedium
Program Rules

Program Rules

Eligibility
  • You must be 18 years or older
  • You cannot be a current or former Zof AI employee
  • You must not reside in a country under US sanctions
Testing Guidelines
  • Only test against your own accounts
  • Do not access, modify, or delete other users' data
  • Do not perform denial of service attacks
  • Report vulnerabilities promptly and keep them confidential
Out of Scope
  • Social engineering attacks
  • Physical security testing
  • Third-party services and applications
  • Spam or rate limiting issues
Found a Vulnerability?

Found a Vulnerability?

Send your report to security@zof.ai with detailed reproduction steps. We will respond within 48 hours.

Submit ReportSecurity Overview
01Governance + executive visibility

Reports leaders, auditors, and the board can actually use.

Zof generates the reports your release reviews, compliance evidence packs, and executive readouts already need, on a cadence you set, with the data trail attached.

EXECUTIVE

Weekly summaries

Release health in one view.

AUDIT-READY

Compliance pack

  • SOC 2
  • ISO
  • evidence trail.

CADENCE

Scheduled

Generated automatically on your schedule.

AUDIT-READY/reports
Zof AI reports page with four template cards, Weekly Release Summary, Coverage Trends, Risk Assessment Report, and Compliance Evidence Pack, each with Generate and Schedule actions, plus tabs for Generated Reports, Saved Views, and Scheduled.
Reports · /reports · four enterprise templates · live from the product.
  • 01 · TEMPLATES
    • Weekly
    • Coverage
    • Risk

    Schedule or generate on demand

  • 02 · COMPLIANCE EVIDENCE
    • SOC 2
    • ISO
    • audit pack

    Exportable evidence trail

Bug Bounty Program | Zof AI Security