BhejDe
Security Program

BhejDe Shield

A community-driven initiative rewarding ethical hackers and security researchers for responsibly disclosing vulnerabilities in the BhejDe™ platform.

Last Updated: March 30, 20264 min read7 sections

At BhejDe™, we believe in building a secure, reliable, and transparent SaaS ecosystem. To strengthen our platform, we invite ethical hackers, developers, and security researchers to participate in our BhejDe Shield — a community-driven initiative to identify and responsibly disclose vulnerabilities.

1. Purpose

BhejDe Shield rewards individuals who help us improve the security, reliability, and compliance of BhejDe™ by reporting valid vulnerabilities.

2. Scope

Eligible areas include:

  • Web Application: www.bhejde.com and associated SaaS modules.
  • APIs & Integrations: CRM workflows, billing, and analytics endpoints.
  • Authentication & Access Control: Login, session management, and role-based permissions.
  • Data Security: Invoice, payment, and operational data handling.

Out of scope:

  • Social engineering, phishing, or physical attacks.
  • Denial-of-service (DoS/DDoS) testing.
  • Third-party services not owned by BhejDe™.

3. Responsible Disclosure

Participants must:

  • Report vulnerabilities privately to security@bhejde.com.
  • Provide clear steps to reproduce the issue.
  • Allow reasonable time for remediation before public disclosure.

4. Rewards

We value your contribution and offer recognition:

Hall of Fame

Your name featured on our website.

Swag & Certificates

Exclusive BhejDe™ merchandise and digital certificates.

Cash Rewards

Based on severity and impact (₹1,000 – ₹20,000).

5. Severity Levels

SeverityExample VulnerabilitiesReward
⛔ CriticalRCE, auth bypass, SQL injection₹10,000 – ₹20,000
⚠ HighIDOR, data exposure, privilege escalation₹5,000 – ₹10,000
▶ MediumXSS, CSRF, business logic flaws₹2,000 – ₹5,000
ⓘ LowInfo leaks, minor misconfigurations₹1,000 – ₹2,000

6. Legal Safe Harbor

  • Researchers acting in good faith will not face legal action.
  • Do not exploit vulnerabilities beyond proof-of-concept.
  • Do not access, modify, or delete user data.

7. Contact

Report vulnerabilities or ask questions about the program:

security@bhejde.comHilalpur, Hajipur, Vaishali, Bihar – 844502