Platform changelog
Curious about the latest and greatest on Intigriti? You're in the perfect place! Dive in to see what's new, what's improved, and what's changed.
05/14/2025
For Companies
Introducing asset management
What we did: We have transitioned asset management from the program level to the company level, creating a centralized repository of unique company assets. Existing program domains have been migrated to this new company list, and duplicate domains (those with identical names and types) have been merged into single, unique entries.
Company Admins can now create, edit (changes apply across all programs using the asset), and archive/unarchive assets centrally.
Why we did it: The previous lack of a centralized asset list created operational inefficiencies, hindered accurate reporting (like submissions per asset or vulnerability trends), prevented a clear view of the attack surface, and blocked effective matching of researchers to relevant assets. This foundational change establishes a single source of truth for assets, improving data structure and resolving these limitations.
Who it helps: This provides companies with a streamlined and unified way to manage their assets, reducing errors and inconsistencies. It creates a robust data foundation essential for future capabilities, such as detailed asset-level reporting, enhanced attack surface insights, and more effective matching of researchers to assets aligning with their skills and interests. Ultimately, it improves data quality and scalability for the entire platform.
Read more about managing company assets here.
05/14/2025
For Companies
Introducing asset management
What we did: We have transitioned asset management from the program level to the company level, creating a centralized repository of unique company assets. Existing program domains have been migrated to this new company list, and duplicate domains (those with identical names and types) have been merged into single, unique entries.
Company Admins can now create, edit (changes apply across all programs using the asset), and archive/unarchive assets centrally.
Why we did it: The previous lack of a centralized asset list created operational inefficiencies, hindered accurate reporting (like submissions per asset or vulnerability trends), prevented a clear view of the attack surface, and blocked effective matching of researchers to relevant assets. This foundational change establishes a single source of truth for assets, improving data structure and resolving these limitations.
Who it helps: This provides companies with a streamlined and unified way to manage their assets, reducing errors and inconsistencies. It creates a robust data foundation essential for future capabilities, such as detailed asset-level reporting, enhanced attack surface insights, and more effective matching of researchers to assets aligning with their skills and interests. Ultimately, it improves data quality and scalability for the entire platform.
Read more about managing company assets here.
05/07/2025
Companies & Researchers
'Informative' submission close Reason changed to neutral
What we did: Updated the 'Informative' submission close reason from positive to neutral. This change applies only to submissions closed from this date forward. Consequently, 'Informative' submissions will no longer impact validity ratios or program contributor status.
Why we did it: To ensure researcher validity ratios accurately reflect impactful contributions, enhance the fairness of evaluations, and address specific customer feedback requesting a neutral option.
Who it helps: This provides companies with a more accurate and reliable way to evaluate researcher performance based on impactful findings. It helps researchers by ensuring their statistics and reputation genuinely reflect the value they deliver through actionable vulnerability reports.
Read more about submission close reasons here
Researchers
Industry discovery feature
What we did: We added industry information tags to programs and specific skill tags to assets.
Why we did it: Offer researchers a more personalized guidance towards relevant opportunities right from the start.
Who it helps: This helps new and existing researchers find programs and assets matching their interests and expertise more easily, leading to increased activity and a better platform experience. Ultimately, this benefits companies by engaging a wider pool of relevant researcher talent.
04/09/2025
Companies
Updates to the LoA and Pentest Report
We've updated thep (LoA) and Pentest Report exports. For completed comprehensive pentests, we've added pentest checklist items to the reports.
Advanced Search on Submission
Overview You can now refine your searches on the submission overview. When using the text search, you can choose specific fields within a submission to search (e.g., Title, Internal Reference, Submission Code), making it easier to find the submissions you need.
03/19/2025
Companies
Custom Bounties in the Company API For larger customers using our Company External API, you can now override the standard bounty amount and award custom bounties when accepting submissions, offering you more flexibility in rewarding researchers over API.
Addition of a 4th and 5th Bounty Tier We've added two new bounty tiers to provide you with more flexibility in customizing your program rewards based on the importance, complexity, and maturity of your assets. More details about bounty tiers can be found in our Knowledge Base.
Pentesting Checklists You can now request researchers to complete a web application testing checklist when they perform a pentest for your program. This will help ensure a more structured testing process.
Improvements to Credentials Upload We've improved the credentials upload functionality to ensure that the order of credentials you provide is maintained within the platform.
Researchers
Enhanced Onboarding Experience New researchers joining the platform will now go through an onboarding process. This will allow them to provide more information about their skills and preferences, helping them personalize their experience on the platform.
Improvements to Markdown Editor We've introduced some minor improvements to our Markdown editor, which you use for submitting and discussing vulnerabilities, to make your experience even more seamless.
02/26/2025
Researchers
Engagement Logs
We've added a new feature that allows you to share data on the amount of time you spend hunting on the domains of a program. By submitting engagement logs, you'll be able to see insights into where other researchers have been focusing their efforts. Please note that we are currently in the data-gathering phase for this feature.
02/05/2025
Full-Screen Inline Images
You can now click on images within the platform to open them in full-screen mode for easier viewing.
01/22/2025
Companies
Program Budget Notifications
Company admins can now configure a budget threshold to receive notifications when their program budget falls below a specified limit. This feature is perfect for companies seeking an early warning before their program risks automatic suspension. More details about the low-budget notifications are available in the Knowledge Base.
Delete Hybrid Program Drafts
Admins can now delete drafts of hybrid programs, just as they can for bug bounty drafts. While launching programs is always our goal , this update helps maintain a clean platform by allowing the removal of unneeded or mistakenly created drafts.
10/23/2024
Submission retesting is here!
Now, companies can request retests for accepted submissions to ensure vulnerabilities have been resolved. Simply specify a bounty and deadline for the retest. The researcher will confirm if the issue is still present.
For more information, visit our latest changelog
08/21/2024
Companies
PDF and CSV Export
Exporting submissions as PDF or CSV is now available through the latest version of the Company External API, providing more flexibility and accessibility in handling submission data.
Researcher Platform Statistics
We've refined the researcher overview to allow toggling between program-specific stats and overall platform stats, addressing previous confusion and enhancing clarity.
Hybrid Program Export Improvements
Numerous improvements have been made to the Letter of Attestation and Pentest Report exports for Hybrid programs, ensuring more accurate and comprehensive documentation.
Researchers
Active Researchers
Researchers can now mark themselves as active on any non-VDP bug bounty program. On a program detail page, researchers will have the option to indicate through a toggle in the ‘Program actions’ card that they are 'active on this program and open to collaborate'
07/31/2024
Messaging & User Mentioning
Enhanced messaging features and the ability to mention users directly in messages, improving communication and collaboration.
Learn more