Bug Bounty Program

Wrapped Technologies, Inc.

At Wrapped Health, we take the security of our platform and the protection of our users' data seriously. We welcome responsible disclosure of security vulnerabilities from the security research community.

Scope

Our bug bounty program covers security vulnerabilities found in:

  • Our web applications and APIs
  • Authentication and authorization mechanisms
  • Data handling and storage processes

Guidelines

  • Provide detailed reports with reproducible steps
  • Give us reasonable time to address the issue before any public disclosure
  • Do not access, modify, or delete data belonging to other users
  • Do not perform actions that could degrade the availability of our services
  • Do not use automated scanning tools in a way that generates excessive traffic

Out of Scope

  • Social engineering attacks
  • Denial of service attacks
  • Issues in third-party services or applications
  • Vulnerabilities requiring physical access to a device

How to Report

If you believe you have found a security vulnerability, please report it to us at:

Email: hello@getwrappedhealth.com

Please include:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce the issue
  • Any relevant screenshots or proof of concept

We will acknowledge receipt of your report and work with you to understand and address the issue.

Recognition

We appreciate the efforts of security researchers who help keep Wrapped Health and our users safe. We are committed to working with the security community in good faith and will not pursue legal action against researchers who follow these guidelines.