We have implemented a bug bounty program which we will pay a reward to those who discover and report vulnerabilities in our products and services.

Purpose of the program

This program is intended to early discover and remove zero-day vulnerabilities which might exist in products and services provided by Sky Co., Ltd.

Participation Requirements

Anyone can participate in the program if you meet the following requirements.

• You are not an employee of Sky Co., Ltd. or its group companies as of the time of reporting.
• You are not working for Sky Co., Ltd. or its group companies as of the time of reporting under a contract such as a work delegation agreement, secondment agreement, dispatching agreement or the like.
• You have not been employed as full-time employees of Sky Co., Ltd. or its group companies in the past.
• You have not worked in the product development or cloud service operation related work at Sky or its group companies in the past.
• You can communicate with Sky-SIRT in Japanese or English.
• You agree with Sky Bug Bounty Program Terms and Conditions.

How to Participate

In order to participate in the program, please fill in the required items via "Vulnerability Report Form".

If we find any violation of the following items, or any activities that interfere with or may interfere with the operation of our program, we may take measures such as blocking access to our services without prior notice, thereby restricting your participation in the program in the future. For more details, please confirm to Article 13 "Prohibitions" of the term.

Function in Which Security Testing Is Prohibited

Input fields and forms in the services or websites provided by Sky Co., Ltd.

Load Testing Is Prohibited

Do not implement testing methods that put a considerable load on the services or websites provided by Sky Co., Ltd.

Software Products

SKYSEA Client View	SKYDIV Desktop Client
SKYPCE	SKYMEC IT Manager
SKYMENU Pro	SKYMENU Class
SKYATT

Cloud Services

SKYSEA Client View Cloud

SKYMENU Cloud

Websites

As stated in "Sky Bug Bounty Program Terms and Conditions", any implementation of testing method that put a considerable load on the services or websites provided by Sky Co., Ltd. is prohibited.

Restrictions and Prohibitions

Website	Domain
Corporate Website	www.skygroup.jp
SKYSEA Client View Product Website	skyseaclientview.net
SKYSEA Client View Service Maintenance Website	sp.skyseaclientview.net
SKYDIV Desktop Client Product Website	www.skydiv.jp
SKYDIV Desktop Client Service Maintenance Website	sp.skydiv.jp
SKYPCE Product Website	www.skypce.net
SKYMEC IT Manager Product Website	www.skymec.net
SKYMEC IT Manager Service Maintenance Website	sp.skymec.net
SKYATT	www.skyatt.net
SKYMENU	www.skymenu.net
SKYMENU Class	skymenu-class.net
School and ICT	www.sky-school-ict.net
Recruitment Website (for New Graduates)	www.sky-recruit.jp
Recruitment Website (for Mid-career)	www.sky-career.jp

The basic amount of reward is calculated according to the vulnerability type. The amount of the reward is multiplied by “the coefficients by product” on them. For details on how to calculate and judge vulnerability information in the Bug Bounty Program, see "Sky Bug Bounty Program Rulebook".

This program is managed by the Sky-SIRT in Sky Co., Ltd.
All inquiries regarding this program must be made by using the Inquiry form.

Inquiry form

• Sky Bug Bounty Program Terms and Conditions
• Sky Bug Bounty Program Rulebook

Report Vulnerabilities