Sky Bug Bounty Program

We have implemented a bug bounty program which we will pay a reward to those who discover and report vulnerabilities in our products and services.

The website for verifying vulnerabilies is currently under construction.

In accordance with the Sky Bug Bounty Program Terms and Conditions,verification of input fields and forms in the services or websites provided by Sky Co.,Ltd.is prohibited. Therefore, we are currently preparing a verification website that does not violate the terms and conditions.
Please pre-register for the website, and we will announce as soon as the website is ready to be used.

Program Overview

Purpose of the program

This program is intended to early discover and remove zero-day vulnerabilities which might exist in products and services provided by Sky Co.,Ltd.

Participation Requirements

Anyone can participate in the program if you meet the following requirements.

  • You are not an employee of Sky Co.,Ltd. or its group companies as of the time of reporting.
  • You are not working for Sky Co.,Ltd. or its group companies as of the time of reporting under a contract such as a work delegation agreement, secondment agreement, dispatching agreement or the like.
  • You have not been employed as full-time employees of Sky Co.,Ltd. or its group companies in the past.
  • You have not worked in the product development or cloud service operation related work at Sky or its group companies in the past.
  • You can communicate with Sky-SIRT in Japanese or English.
  • You agree with Sky Bug Bounty Program Terms and Conditions.
How to Participate

In order to participate in the program, please fill in the required items via "Vulnerability Report Form".

Restrictions and Prohibitions

If we find any violation of the following items, or any activities that interfere with or may interfere with the operation of our program, we may take measures such as blocking access to our services without prior notice, thereby restricting your participation in the program in the future. For more details, please confirm to Article 13 "Prohibitions" of the term.

Function in Which Security Testing Is Prohibited

Input fields and forms in the services or websites provided by Sky Co.,Ltd.

Load Testing Is Prohibited

Do not implement testing methods that put a considerable load on the services or websites provided by Sky Co.,Ltd.

Applicable Products, Services, and Websites

Software Products
SKYSEA Client View SKYDIV Desktop Client
SKYPCE SKYMEC IT Manager
SKYMENU Pro SKYMENU Class
SKYATT
Cloud Services
SKYSEA Client View Cloud SKYMENU Cloud
Websites

As stated in "Sky Bug Bounty Program Terms and Conditions", any implementation of testing method that put a considerable load on the services or websites provided by Sky Co.,Ltd. is prohibited.

Restrictions and Prohibitions

Website Domain
Corporate Website www.skygroup.jp
SKYSEA Client View
Product Website
skyseaclientview.net
SKYSEA Client View
Service Maintenance Website
sp.skyseaclientview.net
SKYDIV Desktop Client
Product Website
www.skydiv.jp
SKYDIV Desktop Client
Service Maintenance Website
sp.skydiv.jp
SKYPCE
Product Website
www.skypce.net
SKYMEC IT Manager
Product Website
www.skymec.net
SKYMEC IT Manager
Service Maintenance Website
sp.skymec.net
SKYATT www.skyatt.net
SKYMENU www.skymenu.net
SKYMENU Class skymenu-class.net
School and ICT www.sky-school-ict.net
Recruitment Website (for New Graduates) www.sky-recruit.jp
Recruitment Website (for Mid-career) www.sky-career.jp

Rewards

The basic amount of reward is calculated according to the vulnerability type. The amount of the reward is multiplied by “the coefficients by product” on them. For details on how to calculate and judge vulnerability information in the Bug Bounty Program, see "Sky Bug Bounty Program Rulebook".

Contact Us

This program is managed by the Sky-SIRT in Sky Co.,Ltd.
All inquiries regarding this program must be made by using the Inquiry form.

Inquiry form

System Details

Report

Report Vulnerabilities