Hello researchers! We have narrowed our scope to only include any malicious content that is currently being hosted on www.pdq.com. Thank you!

Happy Monday Researchers! We are temporarily looking for malicious services hosted on our primary marketing website www.pdq.com. The only findings in scope for this test will be malicious content hosted on the website, this may be in the form of files, links, or comments. Thank you for your help!

At this time our staging environment is down for PDQ Detect. We will be suspending testing for PDQ Detect until we can fix the staging environment. Thank you for your patience!

As a reminder: please use caution when testing our products to ensure that you are only testing for those domains in scope. If you find there is a redirect in our staging environment that goes to a production URL, please notify us so we can fix the redirect. The only product that has the production environment in scope is SimpleMDM.

One of our main goals at PDQ is to make device management secure — and we’re excited to partner with the bright minds in the security community to continuously level up those efforts.
PDQ’s bug bounty program is now public, meaning anyone with an Intigriti account can find and report bugs to us. Most recently, we’ve added Detect, Portal, Auth, and Library as new test subjects, but you can also report bugs related to Connect and SimpleMDM.
With the public release, we’ve made significant changes to our bug bounty page and have updated our list of what is in and out of scope. For more information, visit PDQ’s bug bounty program page.