Nugit Bug Reporting Policy

nugbot karate
Maintaining platform security is a group effort and Nugit encourages independent security researchers to help us spot potential issues. To recognise and reward such efforts, we have created a bounty program for reporting security vulnerabilities.
The scope of Nugit’s bug bounty is limited to Nugit’s web application and external facing API. Nugit's marketing site ( and blog ( are not included in this bug bounty program.
The program is currently on hold until further notice. If you would like to participant in our bug bounty program, please email infosec@nugit.coto register your interest and we will invite you to the program when it reopens. Thank you.