Bug Bounty Program

A brief study on how we created a customised Bug Bounty Program for a client.


The client operates in the health industry primarily providing a web service to health professionals.


The client wanted to expand into crowd-sourcing penetration testing of their external (Internet facing) infrastructure.


We developed a private and customised Bug Bounty program to fit their budget and specific needs. Only vetted security researchers were invited to test and report findings.

Security researchers who identify vulnerabilities are paid different amounts based on the criticality of the finding.


Request a proposal/quote.

Start seeing results in 24 hours.