Detectify Crowdsource allows security researchers to submit newly discovered exploits and we incorporate them into Detectify's automated security service. Every time a reported issue is found on any of our customer's websites, the researcher is rewarded.
What is Crowdsource?
Detectify Crowdsource is an invite only community of the world's top security researchers. Our hand picked researchers submit web vulnerabilities which we integrate into the Detectify platform. Our goal is to combine the power of crowdsourcing with the capacity of automation to ultimately make the internet a safer place.
Let's break it down
Find a vulnerability in a widely used system, such as a CMS, framework, library etc. It can be an already disclosed vulnerability, and does not have to be originally found by you.
You submit a proof-of-concept to us about the vulnerability which is then reviewed by us.
We automate the vulnerability and continuously test for it on all our customers.
You will see statistics on the number of hits of the vulnerability and will be rewarded for each unique hit it produces.
Detectify Crowdsource approaches bug bounties in an innovating way, focusing on platforms instead of specific clients.
This means that we are interested in commonly used CMSes, libraries, frameworks, web servers or common misconfigurations that affect a lot of customers.
As soon as you find one of these vulnerabilities, you report it to us and we build a module for it. Every time your vulnerability is detected, we will automatically report it to the customer without you having to write any reports or submit any additional information.
And the icing on the cake, you’ll be rewarded every time an issue is found.
We do not ask for exclusivity with either your participation or submissions.
Hack the planet
Detectify Crowdsource is an invite only program. We do, however, gladly accept requests to join. The first step of joining Detectify Crowdsource is made by applying below. Good luck!
Get with the program
The brains behind it
Detectify is a SaaS based web application security scanner that analyzes the security level of your website and creates a report with the results.
It is designed to be easy to use even for those with little or no previous knowledge of web security.
Go hack yourself!