Frequently asked questions about Bug Bounty programs

This post aims to help you understand Bug Bounty programs and their unique characteristics.
What is a Bug Bounty?
A Bug Bounty applies the crowdsourcing principle to cybersecurity: mobilize a community of experts, test a scope, and reward these experts for each vulnerability discovered. Bug Bounty programs allow companies to identify security gaps proactively, reducing risks and preventing their businesses from being impacted by malicious actors.
What is the difference between a public and a private program?
Public programs, as the name suggests, are accessible to all experts on the platform, maximizing their reach and participation. On the other hand, private programs are accessible only to invited experts who have passed a background check. Additionally, companies opting for this model can invite experts who are not yet part of the platform.
How do I define the scope of my first Bug Bounty program?
To start your first program, we recommend beginning with a limited scope that you are familiar with and that has been tested previously. When you receive the first reports, BugHunt will help you gradually accelerate by expanding the scope and/or adding more items to it, making the rules of your program more flexible, and/or increasing the number of researchers involved.
How do I select researchers for a private program?
On BugHunt, you can select the experts you want to participate in your private program, and you can also invite experts who are not yet on the platform. Our team will assist you in choosing the most suitable experts for your program.
How do I define and control my Bug Bounty budget?
BugHunt supports you in all stages of creating, launching, and monitoring your program to ensure that the program's parameters (scope, rules, rewards, number of experts) align with your planned budget.
How does BugHunt ensure the integrity and ethics of its experts?
When registering on BugHunt, experts sign our Terms of Service and Privacy Policy, committing to strictly adhere to the rules of each program they participate in and to maintain the confidentiality of any data they may access. Additionally, experts undergo a preliminary screening (background check) through our platform to validate personal, financial, and previous experience data.
Have any questions? Contact our team and start your program on BugHunt today!