Frequently asked questions

Public Bug Bounty Program, Private Bug Bounty Program and Open Bug Bounty Program.

Pentest as a Service (PaaS), Continuous Attack Surface Management (CASM), Vulnerability Intelligence, Hyacinth Ransomware Simulation

Cyberange Virtual Labs

Private: These are the invitation-only programmes available to the Breachpoint’s best researchers. The organization can select the researcher and invite them to find the vulnerabilities.

Public: Every company’s program is open to all researchers.

Open: If a researcher discovers a vulnerability at an organisation without a bug bounty programme, they can notify Breachpoint, and Breachpoint will make every effort to contact that organisation.

Your company has to sign up and fill the form with all your details, than Breachpoint will verify all the details and send the mail or connect with your team for the further process or discussion. Once all the process is done, your program will be visible to all the researchers.

The bounty amount will be transferred right to your bank account. To transmit the bounty amount, researchers must provide their bank account information.

The researcher must submit a sufficient number of valid reports or receive a sufficient number of points from the VDP programme. Therefore, whoever scores highest will receive more private invitations.

When it comes to security tools, a vulnerability scanner is essential. Whether in-house or run through a managed service.

A managed bug bounty program provides continuous discovery of new vulnerabilities which can arise in the application which are missed by vulnerability scanning tools.

The answer is YES! A Bug Bounty program is an addon built specifically to support continuous penetration testing. It helps to monitor, detect and mitigate vulnerabilities which could be missed during CPT.

Yes. A BBP fits into most frameworks requirements for inventory, change detection, and risk review processes. It was designed to be agnostic and to support organizations to find their hidden attack surface.

Most Breachpoint subscribers BBP are up and running in less than 24 hrs.

This first step is to let know us what assets you want to be tested within your scope and setup the policy. The process is designed to make it as painless as possible and your program will be ready to receive reports from bug bounty researchers.

Yes, you will have a continuous look towards your ongoing bug bounty program with detailed statistics and the reports received by researchers.

The team of researchers undergo a rigorous training program and are certified by NSD. Additionally its mandatory to do a professional ethics certification to abide by rules and laws.

Get in touch with us and let your program start within 24 hrs.