Bug Bounty Program

Draftline Technologies Vulnerability Disclosure & Bug Bounty Program Purpose Draftline Technologies is committed to protecting customer data and maintaining secure systems. This program enables responsible disclosure of vulnerabilities. Scope In Scope: draftlinesmartsystem.com, draftlineanalytics.io, mobile apps, APIs. Out of Scope: third-party services, social engineering, DoS, physical attacks. Rules of Engagement Act in good faith, avoid accessing data, test only authorized accounts, do not disrupt systems. Safe Harbor No legal action if policy is followed and findings are responsibly disclosed. Reporting Email security@draftlinetechnologies.com with description, steps, impact, and proof. Response SLA Acknowledgement within 3 days, assessment within 7 days, resolution based on severity. Public Disclosure No public disclosure until resolved and approved. Internal Handling Log, triage, remediate, document, and validate fixes.

Reward Structure

Severity Reward Critical $500 – $2,500

High $250 – $1,000

Medium $100 – $500

Low Recognition / Swag