We’ve been made aware of a fraudulent website impersonating Hyperstack at hyperstack.my.
This domain is not affiliated with Hyperstack or NexGen Cloud.

If you’ve been approached or interacted with this site, please contact our team immediately at support@hyperstack.cloud.

Hyperstack Bug Bounty Programme Scope

You are encouraged to test and report vulnerabilities across all publicly accessible systems and applications operated by Hyperstack, including:

  • Customer-facing portals
  • APIs & SDKs
  • Mobile applications
  • Cloud infrastructure endpoints

Out of Scope

To keep things fair and safe, certain areas are not eligible for the Hyperstack Bug Bounty Programme rewards:

  • Denial of Service (DoS/DDoS)
  • Social engineering or phishing against employees
  • Third-party systems not owned or controlled by NexGen Cloud

Partner with Us to Strengthen Security

Earn rewards for impactful discoveries

We value research that helps strengthen our platform’s security. Reports that include clear reproduction steps, working proof-of-concept code and detailed context about the risk are eligible for higher rewards. The more you help us understand and validate an issue, the more we can recognise your contribution.

Help us discover the unseen

Our goal is to find vulnerabilities that others might overlook. If your submission highlights a new or unusual flaw in our systems, it directly improves our defences. Even if we’re already aware of the issue and actively working on a fix, being the first to report it from the outside can still make you eligible for a bounty.

Keep users and systems safe while testing

We ask that researchers avoid any activity that could expose, damage or disrupt customer data or live services. If your testing unexpectedly touches production environments or you come across private data, stop immediately and reach out to us. We’ll work with you to secure the information and prevent further impact.

Practice responsible disclosure

If you’ve found a vulnerability, please report it privately so we can address it before it becomes public. Our security team treats every report seriously and will respond as quickly as possible. Once the issue is fixed, we’ll acknowledge your role and provide the appropriate reward for helping us protect our users.

What We’re Looking For from External Testers / Pentesters / Whitehats

At NexGen Cloud, we seek ethical researchers who uncover real and impactful vulnerabilities, not theoretical issues or automated noise.

Profile of participants: Researchers and ethical hackers who think out of the box and have a scientific understanding of security vulnerabilities.

Purpose: To engage ethical hackers who can help us identify and report vulnerabilities and weaknesses that internal teams might miss, leveraging their unique external perspective.

Expected approach: Participants must:
• Dive deep into systems to identify genuine issues (not surface-level findings).
• Localise and document the issue clearly.
• Provide reproducible steps, explain the situation, and describe the potential impact.
• Maintain a professional and ethical approach throughout the process.

Quality expectation: Your reports should reflect research-grade effort, not automated or low-effort scanner output. Submissions that are purely vulnerability scanner results or trivial enumeration will not be accepted.

Mindset: Ethical hackers are seen as partners on the “good side of the table,” helping us strengthen our security posture, not as outsiders trying to exploit weaknesses.

Issues Eligible for Our Bug Bounty Rewards

Primary focus: Security vulnerabilities rank as the highest priority for bounty eligibility.

Secondary scope: Other critical issues may also qualify for rewards if they demonstrate a significant risk, impact or insight beyond standard QA or functional defects.

Eligibility rule: Only issues that are not already known internally and not part of an existing development roadmap or planned fix are eligible for bounty consideration. Duplicate or known issues will be rejected.

Out-of-scope / Not Eligible:
• Social engineering or physical security attacks
• Denial of Service (DoS) or brute-force attacks
• Automated vulnerability scan outputs
• Trivial or low-effort findings
• Issues already tracked in the internal backlog or future roadmap

Evaluation criteria (triage): Each submission goes through internal triage to assess severity (High / Medium / Low) and acceptance. Only reports that demonstrate effort, reproducibility and ethical behaviour are considered valid.

Hyperstack Bug Bounty Programme Rewards

We reward valid vulnerability reports based on impact, severity and clarity of submission.

  • Higher-risk, higher-impact vulnerabilities earn larger rewards.
  • Multiple valid reports for the same issue are rewarded only to the first reporter.
  • Duplicate or incomplete reports will not be rewarded.

Payment Timelines

Payments for approved bug reports are processed in scheduled payout cycles, not immediately upon approval. For example, if a report is submitted on the 29th and validated on the 1st, the payment may be issued in the next cycle, meaning you could receive it around a month to six weeks later. This timeline allows us to complete proper validation, ensure accuracy, and process payments securely through our payment provider.

How to Report and Get Rewarded

If you’ve found a vulnerability, please contact us at: security@hyperstack.cloud. We do not require exploit code that could damage systems — proof-of-concept (PoC) evidence only.

To help us triage quickly, include in your email:

  • A clear description of the vulnerability
  • Steps to reproduce/proof-of-concept
  • The affected endpoint, system or component
  • The potential business or technical impact
  • Recommended remediation (if available)

We’ll acknowledge receipt, investigate promptly and keep you updated at each stage:

  • Stage 1: Receipt
    We review your bug report and initiate a triage session with our Quality, Product and Development teams.
  • Stage 2: Triage
    We determine if the issue is already known, planned for a future fix or part of our roadmap.
  • Stage 3: Classification
    We assess the issue’s severity using our internal matrix.
  • Stage 4: Communication
    We share updates and outcomes with you at each stage.

Our Commitment

We ensure timely and transparent communication throughout the process:

  • Initial response: Provided within the defined timeframe for each severity level.
  • Status updates: Shared at every stage, including triage, verification, remediation and release.
  • Resolution timelines: We prioritise critical and high-severity issues to ensure swift action.
  • Researcher notifications: You’ll be informed once your submission is accepted, rewarded and resolved.

Legal Safe Harbour

We are committed to protecting researchers who help us improve security.

You will not face legal action if you:

  • Act in good faith and within the programme’s scope
  • Follow our reporting guidelines and responsible disclosure policy
  • Do not exploit vulnerabilities for personal gain or broader system harm
  • Do not disclose details publicly until remediation is confirmed

As long as these conditions are met, your work will be recognised as ethical research and you will remain protected under our safe harbour.

Join the Community That Secures Hyperstack

By participating in our Bug Bounty Programme, you’ll be directly contributing to the security of global cloud infrastructure while earning rewards and recognition along the way.

Ready to get started? Submit your findings to security@hyperstack.cloud