Bug Bounty Platform Intigriti recently announced a new initiative that will mix bug bounty hunting and penetration testing models, paying participants for the hours they spend looking for bugs as well as a fixed reward for specific bugs.
According to Intigriti, this initiative would enable companies to collaborate with selected researchers on specific engagements within a set duration while also paying depending on results, similar to bug bounty programs. Furthermore, researchers earned more than $106,000 throughout the pilot phase leading up to the launch.
“I was contemplating a career as a full-time bug bounty hunter: I loved the idea of being able to work whenever I wanted from wherever I wanted, but could not deal with the uncertainty full-time bug bounty hunting brings, as you’re not being paid for your effort,” said Inti De Ceukelaire, Head of Hunters at Intigriti.
“With more companies implementing a bug bounty program and raising their payouts, I see more people shifting their careers to become full-time bug bounty hunters. On the other side, we see companies that are massively impressed by the results they get from bug bounty compared to pen tests, wanting to do more engagements with top performers on their program,” added Inti De Ceukelaire.
Intigriti launched this new initiative to provide a sustainable working environment for both enterprises and ethical hackers, and these so-called “hybrid pen tests” will be accessible to candidates this summer.
According to Intigriti, the initiative has so far received $22.3 million in funding. Researchers interested in learning more about the new model can apply on Intigriti’s website to participate in beta testing.