We are happy to announce our first bug bounty program! We've done our best to clean most of our known issues and now would like to request your help to spot the once we missed!
We are mostly interested in leaking of data: personal / group information that should not be publicly available. But any other findings that would deteriorate our end-user experience and/or can impact to our end-users would be very valuable to us!
Notice about the Interactive Learning Environment at DataCamp
Given DataCamp provides a learn by doing platform we provide every user with an interactive coding session. These sessions are supported by a container per user. These containers are short-lived and segregated from other parts of the platform.
DataCamp is aware that it is possible to create reverse shells etc. on these containers and we consider that an acceptable risk. However, we are interested in vulnerability scenarios where someone is able to break out of a container, or similar.
Domains involved:
- sessions.datacamp.com
- workspace-sessions.datacamp.com
- multiplexer-prod.datacamp.com
- multiplexer-paid.datacamp.com
How can I access the platform?
You can self-register on datacamp.com
Please use your intigriti.me email address
Enterprise B2B features
In case you also want to have access to the Enterprise B2B features you can join a shared group with other Intigriti members here
In the situation where you would like to test certain things against another Enterprise B2B Group we have set up a second group.
In this second group, on request, we also allow you to become an Admin to the organization. Invite link to be added as member here, elevating rights to admin will be performed manually on request (security+intigriti-invitation @ datacamp.com).
In both cases the invitation link will only accept @intigriti.me accounts