Asana
Top 10K siteBounty Partial Safe Harbor
Up to USD $6,500
Program Details
- Managed
- Yes
- Allows Disclosure
- No
Scope (10 targets)
web: 5 mobile: 2 other: 3 In Scope
- app.asana.com web bounty-eligible
- asana.com web bounty-eligible
- *.asana.plus web bounty-eligible
- Asana Desktop App other bounty-eligible
- Asana iOS app mobile bounty-eligible
- Asana Android app mobile bounty-eligible
- form.asana.com web bounty-eligible
- *.app.asana.com web bounty-eligible
- *.asana.biz other bounty-eligible
- Subdomain takeover at *asana.biz other bounty-eligible
Out of Scope
Other subdomains of asana.com, Social engineering against Asana Support or Asana Employees, jira*.integrations.asana.plus, asana.okta.com, assets.asana.biz, Forms that you do not own
security.txt
- Contact
- https://bugcrowd.com/asana, mailto:[email protected]
- Policy
- https://bugcrowd.com/asana
- Hiring
- https://asana.com/jobs/engineering
- Acknowledgments
- https://bugcrowd.com/engagements/asana/hall_of_fames
- Languages
- en
- Expires
- Dec 31, 2026