How can we help?
Find answers in our articles:
Find answers in our articles:
At Rain, we recognize the value that security researchers provide to our community, and as such, we encourage the responsible disclosure of any legitimate vulnerabilities. Fair compensation will be provided for qualifying discoveries. We encourage researchers to report any findings by sending an email to [email protected].
What is a qualifying discovery?
A qualifying discovery should directly involve a security vulnerability relating to, but not limited to, the following: website, mobile applications, and other technological infrastructure. Rain will ultimately decide if a discovery is qualifying or not.
Some examples of discoveries that would not be eligible include:
Findings related to third parties that do not relate to security of the Rain platform (e.g. support.rain.com, the live chat app, etc)
Informational bugs that do not have any impact on the security posture of Rain
DDoS related attacks
Issues that have previously been discovered by other researchers
Failing to provide instructions to reproduce
Abusing the discovery to negatively impact Rain, or its customers, in any way
When submitting a report, make sure to include to include the following:
Steps and instructions to reproduce
Proof of concept
Recommendations
BTC address for compensation
Rain will review your submission and you will receive a response in at least 30 business days.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article
Have more questions? Submit a ticket
Our support agents are standing by.
We guarantee a 24 hour response whether it is a live chat or email.