Bug Bounties

Canada Goose Inc.

Powered by: 

Allows bounty splitting: 

Average time to first program response: 29

Average time to bounty awarded null: 

Average time to report resolved: 

Handle canada_goose_inc

Managed program: true

Name: Canada Goose Inc.

Offers bounties: false

Offers swag: false

Response efficiency percentage: 94

Submission state: open

Url: https://hackerone.com/canada_goose_inc

Website: https://canadagoose.com

In scope:

  • Asset identifier: api.canadagoose.com
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: The canadagoose API gateway is an interface to a collection of backend services
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: canadagoose.com
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: Canadagoose.com is our public facing e-commerce website hosted on the Salesforce Commerce Cloud. All subdomains under canadagoose.com are in-scope
  • Integrity requirements: high
  • Max severity: critical



  • Asset identifier: service.canadagoose.com
  • Asset type: URL
  • Availability requirement: high
  • Confidentiality requirement: high
  • Eligible for bounty: 
  • Eligible for submissions: true
  • Instruction: This is our customer warranty portal hosted on the Salesforce Service Cloud.
  • Integrity requirements: high
  • Max severity: critical