# Security Policy
One of the main goals of the Sliver project is to provide a secure platform when performing assessments, we encourage everyone to do a security review of the code base and report vulnerabilities, or to request features if the project does not meet your security needs.
### Bug Bounty
Anything in the `master` branch, without an open ticket.
| Severity | Reward |
|---|---|
| Critical | 12+ Year Whisky or Scotch |
| High | Good Beer |
| Medium | A PBR, Grain Belt, or Hamm's |
| Low | High Five |
### Reporting a Vulnerability
Please report high and/or critical vulnerabilities via email `jdemesy<[a]>bishopfox.com`, if no response within 14 days, file a ticket with a `security` tag. Medium to Low risk vulnerabilities can simply be filed as a normal bug/issue with the `security` tag.