Microkeeper is an all-in-one cloud-based HR and payroll software designed to streamline and automate processes of employee management, roster making, time and attendance tracking, and payroll processing.

How can Microkeeper help my business with HR and payroll tasks?

Microkeeper helps businesses of all sizes by simplifying HR and payroll tasks. It automates time tracking, facilitates employee scheduling, manages leave requests, and integrates seamlessly with payroll systems, saving time and reducing errors in payroll processing.

Is Microkeeper suitable for businesses of all sizes?

Yes, Microkeeper is designed to cater to the needs of businesses of all sizes, including small, medium, and large enterprises across various industries. Whether you have a handful of employees or a large workforce, Microkeeper offers scalable solutions to meet your HR and payroll needs.

Can Microkeeper help ensure compliance with labor regulations?

Absolutely. Microkeeper is equipped with features to help businesses stay compliant with labor regulations. It automates calculations for overtime, penalty rates, and other entitlements, while also providing reporting tools to ensure transparency and compliance with labor laws.

How easy is it to integrate Microkeeper with existing payroll systems?

Integrating Microkeeper with existing payroll systems is straightforward. Our platform offers seamless integration with popular payroll software, allowing for smooth data transfer and synchronization. Our support team is available to assist with any setup or configuration requirements.

Microkeeper's security vulnerability Bounty Program

At Microkeeper, we take security seriously, and we know that staying secure is a collective effort. That’s why we’ve launched our Security Vulnerability Bounty Program, designed to reward ethical hackers and security researchers who help us identify and fix potential weaknesses in our platform.

Whether you’re a penetration tester, a developer, or just someone with a sharp eye for bugs, this program is your opportunity to contribute to a safer experience for every Microkeeper user, and get rewarded for it.

How it works: Severity levels and Rewards

We assess each reported vulnerability based on its severity and potential impact. Here’s how we break it down:

Severity	Description	Reward Range
Critical	Vulnerabilities that could result in full system compromise, such as remote code execution or major data breaches.	$1,000 – $5,000
High	Serious issues like SQL injection or unauthorised access that expose sensitive data or user accounts.	$500 – $1,000
Medium	Vulnerabilities that lead to partial data exposure, misconfigurations, or flaws that require complex exploitation.	$200 – $500
Low	Minor issues like small misconfigurations or UI/UX-related concerns that pose limited security risk.	$50 – $200

‍

Note: All reward amounts listed above are in AUD (Australian Dollars).

What we're looking for

We’re especially interested in vulnerabilities related to:

Authentication and Authorisation: login, session, handling, password management, and privilege escalation flaws.
Data exposure: any unintended access to personal, payroll, or organisational data.
API Security: broken authentication, data leakage, or permission misconfigurations in public/private APIs.
Code injection attacks: cross-site scripting (XSS), SQL injection, or similar issues that allow untrusted input.
Remote code execution (RCE): vulnerabilities that could let an attacker run code on our systems.

What's out of scope

We love security research, but the following types of vulnerabilities fall outside this program:

Denial of service (DoS/DDoS) attacks.
Vulnerabilities requiring social engineering (e.g. phishing)
Issues in third-party platforms not operated by Microkeeper.
Bugs in outdated or unsupported versions of Microkeeper.
Anything involving unpatched legacy systems no longer in production.

How to report a security bug

If you’ve found a bug, please let us know! Here’s how:

Submit a ticket via our contact us page.
Include a clear description of the issue, the steps to reproduce it, and which system or service is affected.
Attach any relevant evidence, logs, screenshots, or payloads are helpful.
Be sure to include your contact details in case we need to follow up.
If your report is valid and meets our criteria, we’ll be in touch with details about your reward.

Program rules

To ensure fairness and transparency, please take note of the following rules:

Reports must affect the Microkeeper platform or products to be eligible.
Only the first valid report of a given issue will receive a reward.
Submissions must be sent via our official reporting channels.
You must include clear steps to reproduce the issue.
The final reward amount is determined by our security team based on impact, clarity, and accuracy.
Microkeeper reserves the right to adjust rewards or eligibility at its discretion.

Helping us stay secure

Microkeeper is committed to providing a secure platform for all users, and that includes collaborating with the broader security community. We’re incredibly grateful to researchers and ethical hackers who help us uncover and resolve vulnerabilities before they can be exploited.

‍

If you think you’ve found something, don’t hesitate to get in touch.

‍

Thanks for helping keep Microkeeper secure.