Program Overview

Application

Please apply from the following form.

We will contact you within 2 business days of your application to your registered e-mail address regarding the Vulnerability Testing Environment.
We may take longer to respond 5-7 business days during the year-end and New Year's holidays.

Apply for Vulnerability Testing Environment Program

Participating in the Vulnerability Testing Environment Program in Conjunction with the Cybozu Bug Bounty Program

If you are already participating in the Bug Bounty Program, you can request access to a testing environment at the Reporting Site. If you do not have an account for the Reporting Site, please agree to the terms and conditions of the testing environment when you request an account using the Reporting Site Account Request Form.

Program Eligibility

Anyone who wishes to test product vulnerabilities is eligible.
For example, those who:
- Wish to access a testing environment before starting to use a service
- Wish to test the vulnerability of customizations
- Wish to access a testing environment to participate in the Bug Bounty Program

Cost

Free of charge.

Availability

The testing environment is available year-round.
However, if the testing environment is not accessed for more than 6 months, the environment will be deleted after the user has been contacted by email.

Application Requirements

・You agree with the terms and conditions of the application.
・You can communicate in Japanese or English.
・You are not an employee of Cybozu Inc. or its subsidiary companies.
・You can provide equipment available to access a tested environment. There are no restrictions on what kind of equipment can be used.

Services and Products We Provide

Cloud Services

With the bug bounty testing environment program, we provide a system that is on physically separate servers and lines from the production environment. You can conduct tests safely without considering any impact on the production environment.

Notes

1. Do not conduct testing with the purpose of putting load on the test environments.
2. Services provided through the bug bounty testing environment program are running in "debug mode". If an error occurs on a service that is running in "debug mode", detailed information about the error will be displayed on the screen. The information on such error screens is provided for our debugging, and it is out of scope from your vulnerability testing.
3. The bug bounty testing environment will be down once a month for scheduled maintenance. We will notify you in advance of the maintenance, but the notification may be sent at the last minute due to circumstances beyond our control. Please also note that the maintenance may be performed multiple times during a month due to emergencies such as unscheduled maintenance.