Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Security
General Security Discussions
HackerOne
Message
<blockquote data-quote="Deleted member 65228" data-source="post: 714785"><p>It's a really good platform and I definitely recommend it for people to check out.</p><p></p><p>I've used it for a private programme before and the user interface was nice and simple, notifications were nice and required data to receive rewards wasn't so bad. I've seen vendors require really intrusive data to send out rewards such as an online version of your real pass-port, but HackerOne won't request such. You'll have to sign an online document (digitally sign) if you accept payment bounty rewards and PayPal is also supported on the platform; you can also have your reward given to charity if you don't accept it as far as I am aware.</p><p></p><p>There's another good platform just like HackerOne which has been around for longer if I recall correctly called <a href="https://www.bugcrowd.com/" target="_blank">BugCrowd</a>. I've also used that platform, and it's also really good. I definitely recommend checking out BugCrowd as well if you were interested in HackerOne. The support for BugCrowd is quite good in my opinion based on personal experience although I've never been required to request it for HackerOne so I can't comment on support for them.</p><p></p><p>Both HackerOne and BugCrowd support profile statistics in-case you're a competitive type. However on HackerOne, if you are using a private programme for submission, even though your rank will increase on your public profile, it may not necessarily increment the statistics for bugs found/thanks count.</p><p></p><p>There's different vulnerability programmes across each of those platforms (in terms of which vendors are there). AVG, Avira and SOPHOS are all definitely on BugCrowd though. Some vendors like Avast have their own vulnerability submission process where you rely on e-mail communication (with PGP encryption support - although not mandatory like with Zerodium).</p></blockquote><p></p>
[QUOTE="Deleted member 65228, post: 714785"] It's a really good platform and I definitely recommend it for people to check out. I've used it for a private programme before and the user interface was nice and simple, notifications were nice and required data to receive rewards wasn't so bad. I've seen vendors require really intrusive data to send out rewards such as an online version of your real pass-port, but HackerOne won't request such. You'll have to sign an online document (digitally sign) if you accept payment bounty rewards and PayPal is also supported on the platform; you can also have your reward given to charity if you don't accept it as far as I am aware. There's another good platform just like HackerOne which has been around for longer if I recall correctly called [URL='https://www.bugcrowd.com/']BugCrowd[/URL]. I've also used that platform, and it's also really good. I definitely recommend checking out BugCrowd as well if you were interested in HackerOne. The support for BugCrowd is quite good in my opinion based on personal experience although I've never been required to request it for HackerOne so I can't comment on support for them. Both HackerOne and BugCrowd support profile statistics in-case you're a competitive type. However on HackerOne, if you are using a private programme for submission, even though your rank will increase on your public profile, it may not necessarily increment the statistics for bugs found/thanks count. There's different vulnerability programmes across each of those platforms (in terms of which vendors are there). AVG, Avira and SOPHOS are all definitely on BugCrowd though. Some vendors like Avast have their own vulnerability submission process where you rely on e-mail communication (with PGP encryption support - although not mandatory like with Zerodium). [/QUOTE]
Insert quotes…
Verification
Post reply
Top
