loading
Loading content
loading
A bug bounty program opens an organization's assets to outside researchers and pays for valid security findings. The program publishes a scope (which domains, apps, and APIs are fair game), a set of rules, and a reward structure tied to severity. Researchers test on their own time, submit reports, and earn a bounty when the team confirms the issue is real and in scope.
The model widens coverage. A fixed internal team or a time-boxed engagement can only look at so much, while a public program puts many testers with different skills against the same surface continuously. Programs reward variety: one researcher finds an access-control bug, another finds a server-side flaw nobody else thought to check.
Bug bounty differs from penetration testing in structure. A pentest is scoped, scheduled, and paid by time; a bounty is open-ended and paid by result. Both rely on responsible disclosure so flaws reach the vendor before the public.
Researchers lean heavily on automation for the early stages. In a Trickest workflow, you run continuous recon against in-scope targets, surface new endpoints and parameters, and feed candidates to manual testing, where a clean proof-of-concept makes the report easy to validate and reward.
Related terms