Reward your researchers fairly – try our bug bounty calculator today!

Try our bug bounty calculator

Eleanor Barlow

Author

Eleanor Barlow

Senior Cybersecurity Technical Writer

What's the best bug bounty program for you?

DIY or outsourced bug bounty programs: what’s best for your business?

Business Insights

June 24, 2025

Organizations are adopting bug bounty programs more and more as part of a layered security strategy to address the skills gap and to help their security budget go further. But should you run a program in-house or outsource to a bug bounty program provider? This blog will take you through the setup p

Cracking compliance. How Intigriti’s PTaaS supports CREST, DORA, GDPR, and ISO

Business Insights

June 16, 2025

Penetration Testing as a Service (PTaaS) must align with core industry standards, regulations, and certifications. This is usually done to meet legal compliance, uphold industry standards, build trust, and ensure service quality for customers. In this article, we look at how CREST, DORA, GDPR, and I

Security maturity, complexity, and bug bounty program effectiveness: A deep dive

Business Insights

June 10, 2025

There are three key elements that, when combined, support the planning of a bug bounty program to attract the right researchers. These three components are the attack surface, security maturity, and asset complexity. In this article, we explore each of these elements, how they impact one another, an

What does it take to become CREST-accredited? Top 10 questions answered

Business Insights

June 4, 2025

Reputation – What is CREST?   CREST is the gold standard for quality assurance accreditation in the cybersecurity industry. It is a globally recognised not-for-profit cybersecurity authority that rigorously assesses organisations against stringent standards for quality, technical proficiency, and op

Adoption of CVSS v4.0 vulnerability assessment calculator

Business Insights

May 28, 2025

CVSS stands for "Common Vulnerability Scoring System". The CVSS framework is an open cyber security framework owned by a US-based non-profit organization "Forum of Incident Response and Security Teams" (FIRST). The mission of FIRST is to help worldwide cyber security response teams quickly and easil

CREST accreditation reinforces Intigriti’s pentesting excellence

News

May 20, 2025

Intigriti, a global crowdsourced security provider, is delighted to announce that it is now CREST accredited. Who is CREST? CREST, a globally recognised not-for-profit authority in cyber security, rigorously assesses organisations against stringent standards for quality, technical proficiency, and o

The link between security maturity and bug bounty success

Business Insights

May 12, 2025

What defines a security maturity posture?   A security maturity posture refers to an organization’s ability to detect, manage, and mitigate security vulnerabilities and risks. It reflects how well the organization applies programs, processes, and controls to protect its assets and data. Generally, a

Bug bounty glossary: common web application vulnerabilities

Business Insights

April 23, 2025

What’s the difference between a risk, threat, and a vulnerability? A risk, according to NIST, is defined as ‘An effect of uncertainty on or within information and technology. Cybersecurity risks relate to the loss of confidentiality, integrity, or availability of information, data, or information (o

Intigriti insights into latest beg bounty scam

Business Insights

March 25, 2025

The Intigriti team have recently observed an abuse scenario, trending across the industry, where malicious actors are posing as legitimate white-hat hackers, deceiving targeted companies into believing their actions are carried out in good faith. Bad actors will always try to exploit the system, in

Access control vulnerability in the retail industry. Cross-Site Scripting (XSS) use case

Business Insights

March 13, 2025

Why is the retail industry being targeted? Large-scale operations and the extensive attack surface of the retail industry render it particularly susceptible to cybercrime, on a global scale. Websites, mobile apps, and company programs create numerous entry points for malicious actors. The high volum