2024 Detectify Crowdsource Awards: Meet the Winners
It’s that time of year again! Here at Detectify, we’re excited to celebrate the talent and dedication of our Crowdsource community members with our annual …
Detectify
We have updated our reward system to make it easier for you to know what you might earn with Detectify Crowdsource. If your submission is accepted you will now get paid a fixed reward regardless of technology. You will also get paid for every time that vulnerability is found in our customer’s systems, from the first hit with no limit on how many hits you can get.
Detectify Crowdsource is a platform for ethical hackers to scale the impact of their bug hunting through automation. Ethical hackers submit vulnerabilities they find in widely used technologies that are then automated and made available to thousands of Detectify customers around the globe to enable them to secure their external attack surface. Each time a vulnerability is found in a unique customer asset, a bounty is paid to the ethical hacker who submitted the vulnerability.
Since launching Detectify Crowdosurce in 2018, we’ve issued over 250,000 USD to our private community of ethical hackers. Our reward system pays ethical hackers through continuous bounties instead of a single lump-sum as many bug bounty programs do. This unique approach to a reward system ensures ethical hackers continue to see the financial benefits of finding high and critical severity vulnerabilities in a wide variety of technologies over time.
Detectify fingerprints over 300 technology types across its global customer base. We presented a curated list of these fingerprinted technologies to our community members based on a few internal factors. We awarded “Guaranteed Payouts” to hackers if they found vulnerabilities in the technologies listed. This meant that if you submitted a critical vulnerability on Adobe Experience Manager (AEM) and it met our submission guidelines, you would be awarded $300 which was equal to 3 unique hits. However, you wouldn’t receive another award on this vulnerability until it got 4 unique hits as guaranteed payouts served as an advance on earnings.
However, we’ve learned from members that some have opted to not submit a vulnerability if it wasn’t listed on that prioritized list because it wasn’t clear if they would earn anything. In most cases, we would accept technologies not listed so long as it followed our submission guidelines and was accepted by our internal research team.
We’re changing that by replacing guaranteed payouts with fixed payouts. As of Wednesday, October 12, 2022 all submissions that meet our submission guidelines and are accepted will receive a fixed payout when the submission goes live.
But that’s not the best part: you will also begin earning rewards on unique hits from your first hit. This means that if you submit a critical vulnerability and it gets 2 unique hits after it goes live, you will be awarded $500 (fixed payout of $300 plus $200 for 2 unique hits).
Unlike traditional bug bounty programs where ethical hackers can earn one-time rewards from individual companies, Crowdsource empowers them by democratizing security research. Ethical hackers can now scale their work by helping thousands of companies with a single submission, and receiving passive income with each finding on a customer asset.
In addition to what we’ve covered above, members of our community benefit from a variety of additional programs:
Our community consists of 400+ brilliant ethical hackers that together have generated over 250 million vulnerability findings across the attack surfaces of our 2000+ customers. This monumental achievement from our community is fueled through their submissions, knowledge, and dedication to making the Internet a safer place. No wonder we are proud of them!
Wondering how you can join our community of leading ethical hackers? Try out our signup challenge to see if you have the experience needed to join Detectify Crowdsourcer here.
It’s that time of year again! Here at Detectify, we’re excited to celebrate the talent and dedication of our Crowdsource community members with our annual …
We at Detectify are thrilled to present the 2023 Detectify Crowdsource Awards, akin to the Oscars or Grammys of ethical hacking. The awards are our …