Alternatives to Bugbop
Compare Bugbop alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Bugbop in 2026. Compare features, ratings, user reviews, pricing, and more from Bugbop competitors and alternatives in order to make an informed decision for your business.
-
1
huntr
huntr
Get paid to find & fix security vulnerabilities in open source software and be recognised for protecting the world. We believe that it's important to support all of open source and not just enterprise-backed projects. That's why our bug bounty program rewards disclosures against GitHub projects of all sizes. Rewards include bounties, swag and CVEs. -
2
Open Bug Bounty
Open Bug Bounty
Open Bug Bounty project enables website owners to receive advice and support from security researchers around the globe in a transparent, fair and coordinated manner to make web applications better and safer for everyone’s benefit. Open Bug Bounty’s coordinated vulnerability disclosure platform allows any security researcher reporting a vulnerability on any website as long as the vulnerability is discovered without any intrusive testing techniques and is submitted following responsible disclosure guidelines. The role of Open Bug Bounty is limited to independent verification of the submitted vulnerabilities and proper notification of website owners by all available means. Once notified, the website owner and the researcher are in direct contact to remediate the vulnerability and coordinate its disclosure. At this and at any later stages, we never act as an intermediary between website owners and security researchers. -
3
HackenProof
HackenProof
We are a web3 bug bounty platform since 2017. We help to set a clear scope (or you can do it by yourself), agree on a budget for valid bugs (platform subscription is free), and make recommendations based on your company`s needs. We launch your program and reach out to our committed crowd of hackers, attracting top talent to your bounty program by with consistent and coordinated attention. Our community of hackers starts searching for vulnerabilities. Vulnerabilities are submitted and managed via our Coordination platform. Reports are reviewed and triaged by the HackenProof team (or by yourself), and then passed on to your security team for fixing. Depending on preference, you can choose to publicly disclose any reports, once the issues are resolved. We connect business with a community of hackers from different parts of the globe.Starting Price: $0 per month -
4
Immunefi
Immunefi
Since its founding, Immunefi has become the leading bug bounty platform for web3 with the world's largest bounties and payouts and now has over 50+ employees around the world. If you're interested in joining the team, please see our careers page. Bug bounty programs are open invitations to security researchers to discover and responsibly disclose vulnerabilities in projects’ smart contracts and applications, which can safe web3 projects hundreds of millions--and even billions--of dollars. For their good work, security researchers receive a reward based on the severity of the vulnerability. When you find a vulnerability, create an account and submit the bug via the Immunefi bugs platform. We have the fastest response time in the industry. -
5
YesWeHack
YesWeHack
YesWeHack is a leading Bug Bounty and Vulnerability Management Platform. Founded by ethical hackers in 2015, YesWeHack connects organisations worldwide to tens of thousands of ethical hackers, who uncover vulnerabilities in websites, mobile apps, connected devices and digital infrastructure. The YesWeHack platform offers a range of integrated, API-based solutions: Bug Bounty (crowdsourcing vulnerability discovery); Vulnerability Disclosure Policy (creating and managing a secure channel for external vulnerability reporting); Pentest Management (managing pentest reports from all sources); Attack Surface Management (continuously mapping online exposure and detecting attack vectors); and ‘Dojo’ and YesWeHackEDU (ethical hacking training). YesWeHack's services have ISO 27001 and ISO 27017 certifications, and its IT infrastructure is hosted by EU-based IaaS providers, compliant with the most stringent standards: ISO 27001 (+ 27017, 27018 & 27701), CSA STAR, SOC I/II Type 2 and PCI DSS. -
6
Bountysource
Bountysource
Bountysource is the funding platform for open-source software. Users can improve the open-source projects they love by creating/collecting bounties and pledging to fundraisers. Anyone can come to Bountysource and create or claim their project's team (GitHub Organizations are automatically created as teams on Bountysource). A bounty is a cash reward offered for development. In the case of Bountysource, this ties directly to an open issue in the system. Bountysource itself is concerned. Any quality control for whether to accept a fix is the responsibility of the maintainers for the given project. This includes whether affiliation with the project counts for having the fix accepted or not. -
7
Yogosha
Yogosha
Run, manage and oversee all your Offensive Security testing —Pentest as a Service and Bug Bounty— on one secure platform for a seamless, interoperable and efficient DevSecOps experience. - PTaaS: a timely and cost-efficient security audit of your assets. Your security weaknesses identified for a flat fee. Launch a test within a week. - Bug bounty: a continuous, adversarial and pay-per-result testing to detect business-critical vulnerabilities. We rely on a secure platform, available as SaaS or self-hosted, and on a private and selective community of security researchers, the Yogosha Strike Force. Each member of the YSF has been screened through stringent technical and pedagogical tests, after which only 20% of candidates are accepted. -
8
SafeHats
InstaSafe
The SafeHats bug bounty program is an extension of your security setup. Designed for enterprises, the program taps into a vast pool of highly skilled and carefully vetted security researchers and ethical hackers to comprehensively test your application’s security. It also provides your customers with comprehensive protection. Run programs that suit your current security maturity level. We have designed a Walk-Run-Fly program concept for Basic enterprises, progressive and advanced enterprises respectively. Testing for more sophisticated vulnerability scenarios. Researchers are incentivized to focus high severity and critical vulnerabilities. A comprehensive policy between the security researchers and clients bound by mutual trust, respect, and transparency. Security researchers from diverse profiles, backgrounds, ages, and professions, creating a wide range of security vulnerability profiles. -
9
Com Olho
Com Olho
Com Olho is a SaaS based, AI-assisted Bug Bounty Platform to uncover vulnerabilities through a community of cyber security researchers each of which follow a stringent KYC process, allowing organizations to strengthen their online systems and applications, ensuring security compliance through built-in collaboration tools, support, documentation and advanced reporting. -
10
Intigriti
Intigriti
Intigriti is the trusted leader in crowdsourced security, empowering the world’s largest organizations to find and fix vulnerabilities before cybercriminals can exploit them. Since 2016, the company has helped its customers reduce risk with the expertise of 125,000+ global security researchers, enabling real-time vulnerability detection and preventing costly breaches. Intigriti's flexible platform offers a full suite of solutions, including Bug Bounty, Managed VDP, PTaaS, Focused Sprints, and Live Hacking Events, tailored to your evolving digital needs and delivered through a pay-for-impact model, meaning you only pay for valid vulnerabilities submitted. With industry-leading triage, commitment to legal compliance, and exceptional customer service, Intigriti is the go-to choice for organizations like Coca-Cola, Microsoft, and Intel to secure their digital assets and stay ahead in a changing world. -
11
BugBounter
BugBounter
BugBounter is a managed cybersecurity services platform that fulfills the needs and requirements of companies with thousands of freelance cybersecurity experts and service providers who are eligible members of the platform. Providing continuous testing opportunities, discovering unknown vulnerabilities on a success-based pay model ensures a cost-effective and sustainable service. Our democratized and decentralized operating model provides every online business an easy to access and affordable bug bounty program: from NGOs to startups, SBEs to large enterprises - we successfully serve. -
12
Sherlock
Sherlock
Sherlock is a blockchain security platform that delivers rigorous smart contract audits using a hybrid model combining dedicated expert review and crowdsourced audit contests to reveal vulnerabilities that traditional approaches often miss. It pairs the close scrutiny of top security auditors with incentive-driven participation from the global security community, ensuring many eyes examine the code under contest-based bounties. After an audit is complete, Sherlock optionally provides smart contract coverage, meaning it may pay out up to $500,000 USDC if flaws slip through, which aligns Sherlock’s incentives with those of its customers. The platform also supports continuous bug bounty programs, requiring a small deposit per submission to discourage noise, while expert triaging ensures only meaningful vulnerabilities reach clients. Their claims process is governed by an impartial third party to ensure fairness and transparency. -
13
Synack
Synack
Comprehensive penetration testing with actionable results. Continuous security scaled by the world’s most skilled ethical hackers and AI technology. We are Synack, the most trusted Crowdsourced Security Platform. What can you expect when you entrust your pentesting to the Synack Crowdsourced Security platform? Become one of the select few SRT members and hack among the best in the world, sharpening your skills and putting them to the test. Hydra is an intelligent AI scanning tool that alerts our SRT members of possible vulnerabilities, changes, or events. In addition to bounties for finding vulnerabilities, Missions provide payment for methodology-based security checks. Trust is earned, and our currency is straightforward. A commitment to protect our customers and their customers. Utter confidentiality. Optional anonymity. Total control over the process. Complete confidence when you need to focus on your business. -
14
TOKPIE
TOKPIE
First Cryptocurrency Exchange Platform with BOUNTY STAKES TRADING service. Earn, trade, and invest as never before. TOKPIE is the only one cryptocurrency exchange in the world that provides Bounty Stakes Trading solution allowing its users to earn, trade and invest as never before. Bounty Stakes Trading is the revolution in bounty common practice and a win-win-win solution for bounty hunters, smart investors, and crypto startups (ICO, STO, post token sale projects). It simultaneously allows bounty hunters get both ‘cash’ immediately after performing any kind of bounty tasks and related project's tokens later, investors get the highest ROI (Return on Investments) by obtaining promising tokens with a huge discount, startups boost their bounty campaigns and token/coin sales by allowing participants to trade earned stakes on the Tokpie platform. Get 'cash' (Ethereum, USDC, etc) by selling part of bounty stakes immediately as soon as they earned. -
15
Cantina Code
Cantina
Cantina Code is a dedicated code-review platform optimized for security assessments, enabling clients and researchers to perform thorough reviews, communicate seamlessly, and manage submissions in one unified environment. The platform features a live, real-time findings dashboard that allows clients to track vulnerabilities and commentary as they occur, as well as filtering capabilities to sort by severity, author, or custom labels. For researchers, Cantina Code offers structured submission forms, built-in severity and status labels, and direct in-tool commenting and pinging so teams can collaborate easily and reduce noise. Reputation scores help triage work by highlighting trusted researchers and reducing spam, while an AI assistant aids in triage and de-duplication of low-signal submissions. The platform supports different engagement models, such as public competitions, private reviews, bug bounties, or collaborative assessments, with dashboard settings adapting to the review type. -
16
CyStack Platform
CyStack Security
WS provides the ability to scan web apps from outside the firewall, giving you an attacker's perspective; helps detect OWASP Top 10 and known vulnerabilities and constantly monitoring your IPs for other security threats. The team of CyStack pen-testers conducts hypothetical attacks on a customer's applications to discover security weaknesses that could expose applications to cyberattack. As a result, the technical team can fix those vulnerabilities before hackers find and exploit them. Crowdsourced Pen-test is the combination of certified experts and community of researchers. CyStack deploys, operates, and manages the Bug Bounty program on behalf of enterprises to attract a community of experts to find vulnerabilities in technology products such as Web, Mobile, Desktop applications, APIs or IoT devices. This service is a perfect solution for companies that are interested in the Bug Bounty model. -
17
BountiXP
BountiXP
bountiXP is a holistic, employee-centric platform that unifies and aligns people for success. One platform, multiple recognition and engagement apps. Our multi-application platform provides a dynamic, 360-degree, employee-centric experience of recognition and engagement. Combining the power of goal-based and values-based recognition, bountiXP aligns strategy and culture for improved people performance. Enables everyone in the organization to send and receive messages of thanks, praise, appreciation and support. Empowers everyone to nominate a colleague or team to receive a reward for the value they add to the organization. Allows managers to recognize and reward employees, reinforcing the link between strategy, culture and success. Elevate messages that reinforce organizational goals with the addition of points. As a hub of social recognition and engagement, bountiXP enables people to establish connections and build relationships around shared values and common purpose.Starting Price: $7.76 per user per month -
18
Dework
Dework
Web3-native project management with token payments, credentialing, and bounties. Create bounties for contributors, let contributors build their web3 profile, and pay with your own DAO token. Clearly communicate your project roadmap and what work needs to be done. Share context on ongoing initiatives and make it easy to involve new and existing contributors. Let your community apply to tasks. Easily view their profile and work history before assigning them. Gate access using Discord roles or token holdings. Add bounties to tasks and pay them directly through Dework. Connect your Gnosis Safe and batch pay bounties to save on gas fees. Pay with any on-chain token, including your DAO native token. Discuss Dework tasks in Discord threads, notify members when new bounties are available, and more. Dework syncs Github issues, branches, and pull requests with Dework tasks. Dework works with Gnosis Safe, Metamask, Wallet Connect, Phantom, and more. -
19
beSECURE
Beyond Security (Fortra)
A flexible, accurate, low maintenance Vulnerability Assessment and Management solution that delivers solid security improvements. Designed to get you the most accurate and fastest possible improvement in network security customized for your organization’s needs. Continually scan for network and application vulnerabilities. Daily updates and specialized testing methodologies to catch 99.99% of detectable vulnerabilities. Data driven, flexible reporting options to empower remediation teams. *Bug bounty program* for any discovered proven false positives! Complete organizational control. -
20
PHPTRAVELS
PHPTRAVELS
The easiest way to start your online travel business. With 100% open-source code applications. We offer the most cutting-edge online booking solutions on the market. Mobile, tablet, laptop & desktop. users enjoy a fully tailored experience while browsing our travel portal. We boast your travel business with our technology. We have a dedicated and expert support team for you, We communicate and help you with Livechat, Skype, Whatsapp and ticket system in real-time 24/7. Developed using the latest technologies, PHP, JS, jQuery, HTML5, Bootstrp and Codeigniter framework with HMVC coding pattern. Responsive themes for seamless full-blow user experience by managing a steady look and feel of your site across devices. We take security seriously and back our product with a Security Bounty Program to encourage responsible disclosure by researchers. With our streamlined technology we give you an unprecedented level of control. User-friendly fast, easy to understand and manage.Starting Price: $250.00 one-time -
21
PolySwarm
PolySwarm
Unlike in any other multiscanner, in PolySwarm there is money at stake: threat detection engines back their opinions with money, at the artifact level (file, URL, etc.), and are economically rewarded and penalized based on the accuracy of their determinations. The following process is automated and is executed by software (engines) in near real time. Users submit artifacts to PolySwarm’s network via API or web UI. Crowdsourced intelligence (engine determinations) and a final score (PolyScore) are sent back to the User. The money from the bounty and the assertions becomes the reward, which is securely escrowed in an Ethereum smart contract. Engines that made the right assertion are rewarded with the money from the initial bounty from the enterprise plus the money the losing engines included with their assertions.Starting Price: $299 per month -
22
OAK Network
OAK Network
OAK is the native token of OAK Network, which is a delegated proof of stake network with the purpose of providing decentralized and trustless cross-chain automation. OAK aims to provide users with easy and affordable tools to schedule and automate payments that can be triggered by time, token price, or other events. Providing these services to millions of users OAK requires a thriving ecosystem that is both secure and incentivizes good faith participation in the network for all stakeholders. This paper describes the economic structure OAK uses to reward good faith participation from a wide variety of stakeholders including automation users, stakers, collators, and investors. You may be entitled to OAK distribution from participating in OAK Network crowdloan, ambassador program, bug bounty and other events. -
23
Zerocopter
Zerocopter
The leading enterprise application security platform empowered by world’s best ethical hackers. Based on the amount and complexity of the projects your team(s) wants to start, you’re either a starter or an enterprise. Through our platform, you can easily control your security projects, while we manage and validate all the reports your team(s) receives. The best the ethical hacker world has to offer, joining your team in the effort of improving security. Set up your team of superb ethical hackers to search for unknown vulnerabilities in your application. We assist in selecting services, setting up programs, defining scopes and matching you with ethical hackers we vetted rigorously that match your scope. Together, we decide the scope of the Researcher Program, you specify the budget of the Researcher Program, we determine the start date and length of the Program together, and we assemble the best team of ethical hackers to match your scope.Starting Price: €1.000 per month -
24
BountyJobs
BountyJobs
Technology can’t replace humans in recruiting, but it can make their collaboration more effective. At BountyJobs we use technology to connect the right humans at the right time. Nearly a quarter of jobs go to third-party search in the US. Businesses of all sizes seek third-party help for their most important hires. And for the most part, this work happens in an unmeasured, offline process that is challenging for both the businesses that seek help and the recruiters who assist. BountyJobs brings the third-party recruiting ecosystem into the light. Our platform connects employers and third-party recruiters — making the collaboration for critical hiring clear, streamlined and efficient. From start-ups to Fortune 100 enterprises, we support companies seeking talent for their hardest-to-fill roles with our marketplace of top recruiters. Let’s get you started! Sourcing talent for critical jobs requires great third-party recruiters. -
25
Recrooit
Recrooit
Help companies save money on recruiting by earning cash rewards for referring top candidates to open positions. Sign up and discover how rewarding it is to connect people with amazing opportunities. Share job links with your unique ID from your dashboard. Get a bounty when someone you refer gets hired. Promote chosen job posts with your Recrooit ID by copy-pasting a link. Place it on your website, social media, or ads. Whether you’re a startup or a well-established business, Recrooit is built to match and reach your aims. See for yourself how the most efficient recruiting strategy grows your team. Take full control over recruitment costs and your pick of only the most qualified candidates. Your account is connected to our affiliate program, so you can earn money each time someone posts a job.Starting Price: $249 per month -
26
EthicalCheck
EthicalCheck
Submit API test requests via the UI form or invoke EthicalCheck API using cURL/Postman. Request input requires a public-facing OpenAPI Spec URL, an API authentication token valid for at least 10 mins, an active license key, and an email. EthicalCheck engine automatically creates and runs custom security tests for your APIs covering OWASP API Top 10 list Automatically removes false positives from the results, creates a custom developer-friendly report, and emails it to you. According to Gartner, APIs are the most-frequent attack vector. Hackers/bots have exploited API vulnerabilities resulting in major breaches across thousands of organizations. Only see real vulnerabilities; false positives are automatically separated. Generate enterprise-grade penetration test reports. Confidently share it with developers, customers, partners, and compliance teams. Using EthicalCheck is similar to running a private bug-bounty program.Starting Price: $99 one-time payment -
27
Certent DisclosureNet
insightsoftware
Search millions of public filings in seconds with Certent DisclosureNet, a cloud-based disclosure research, and peer analytics solution. Certent DisclosureNet features the combination of internal and external report creation with a built-in proprietary research engine. With Certent DisclosureNet, users can manage data throughout the disclosure process. Certent DisclosureNet also features XBRL tagging, software training, implementation, and validation report. -
28
Bounti
Bounti
Bounti enables faster, better, and more authentic prospecting in minutes. Our autonomous AI teammate saves you 40% of time spent on outreach and empowers your team to deliver meaningful and personalized engagement. Scale quickly and efficiently with an autonomous AI teammate. Our solution empowers your team to start prospecting immediately, in minutes, not weeks or months, with AI-generated research, use cases, pitches, and sample messaging to supercharge outreach without the delay of onboarding. Improve the quality and impact of your outreach with curated news, research, and messaging that is immediately relevant to the seller profile and the ICPs you need to engage. Better research means better connections. Instantly boost research, preparation, and prospecting. Improve the quality and impact of your outreach with curated news, research, and messaging that is immediately relevant to the seller profile and the ICPs you need to engage. Better research means better connections. -
29
DNSdumpster.com
DNSdumpster.com
DNSdumpster.com is a free domain research tool that can discover hosts related to a domain. Finding visible hosts from the attacker's perspective is an important part of the security assessment process. The ability to quickly identify the attack surface is essential whether you are penetration testing or chasing bug bounties. Network defenders benefit from passive reconnaissance in a number of ways, with analysis informing information security strategy. Understanding network-based OSINT helps information technologists to better operate, assess, and manage the network. Save time and headaches by incorporating our attack surface discovery into your vulnerability assessment process. No brute force subdomain enumeration is used as is common. We use open source intelligence resources to query for related domain data. It is then compiled into an actionable resource for both attackers and defenders of Internet-facing systems.Starting Price: Free -
30
HydraDX
HydraDX
Provide liquidity only for the asset you want. The Omnipool will mint and burn a corresponding amount of the pool token LRNA. Deep, diversified and unfragmented liquidity enables 2-4x more capital-efficient trading thanks to lower slippage and fewer hops. Built for B2B. Any project/DAO Treasury can provide liquidity using XCM and gain instant exposure to an ocean of assets. Trustless, without hidden costs and while accumulating (diversified) POL from trading fees. Liquidity Providers are supported by several non-inflationary mechanisms for mitigating impermanent loss. Provide liquidity for selected assets and receive additional rewards on top of trading fees. Paid out HDX or any other supported asset. The HydraDX Omnipool is fully audited and supported by a generous bug bounty program. Cutting-edge mechanisms such as liquidity caps, protocol fees and circuit-breakers work together to protect your liquidity. -
31
Bitcoin SV
Bitcoin SV
Our ecosystem is based on four pillars that form the basis of Bitcoin SV’s infrastructure to create the one blockchain for the world. Enabling businesses to plan years in advance and commit significant resources to build on a stable protocol. Delivering capacity increases through scalable architecture and miner configurable block sizes. Fostering best practice change management processes, external security audits and lucrative bug bounty program. Unlocking the bricks-and-mortar merchant market and enabling new business models with micropayments and nanoservices. If you're a person completely new to digital currencies, a merchant that is looking to accept BSV payments, or an enterprise looking for blockchain solutions, BitcoinSV.com can help you source information about Bitcoin SV providing plenty of resources and useful links. -
32
Bugcrowd
Bugcrowd
Crowdcontrol’s advanced analytics and security automation connect and enhance human creativity to help you find and fix more high priority vulnerabilities, faster. From intelligent workflows to robust program performance tracking and reporting, Crowdcontrol provides the insights needed to multiply impact, measure success, and secure your business. Crowdsource human intelligence at scale to discover high-risk vulnerabilities faster. Take a proactive, pay-for-results approach by actively engaging with the Crowd. Meet compliance and reduce risk with a framework to receive vulnerabilities. Find, prioritize, and manage more of your unknown attack surface. -
33
Uptoken
Upstock
Uptoken helps enable crypto companies at any stage to easily incentivize their employees & ecosystems without fearing scammers or regulators. RTUs act as deferred compensation so that you can promise tokens to practically anyone, anywhere while reducing fraud & regulatory risk. Since RTUs act as deferred compensation, Uptoken helps enable projects to delay the issuance of their token until certain milestones are met, such as liquidity, utility, or safe harbor. Uptoken helps enable crypto companies to promise tokens to contributors in 70+ countries, including America. Uptoken makes the job of community managers easier by enabling them to create bounties, track & verify submissions, & dynamically reward contributions. -
34
PlugBounty
PlugBounty
There are thousands of open-source components such as WordPress plugins and PHP extensions (coming soon) that can be audited. Quickly find the most popular components with the widest attack surface that are automatically listed by Plugbounty. Receive research score for every bug you find. Researchers will be ranked based on the research score on monthly and weekly leaderboard. Wether or not a vendor reacts on your findings, Plugbounty team will review the report and you will get the research score. Every month, a fixed budget will be paid out to top researchers on the leaderboard. -
35
Caido
Caido Labs Inc.
Caido is a modern web security toolkit designed for pentesters, bug bounty hunters, and security teams who need an efficient and customizable solution for web application testing. Caido features a powerful intercept proxy for capturing and manipulating HTTP requests, replay functionality for testing endpoints, and automation tools for handling large-scale workflows. Its sitemap visualization provides a clear view of web application structures, helping users map and navigate complex targets. With HTTPQL, users can efficiently filter and analyze traffic, while no-code workflows and a plugin system enable easy customization to fit specific testing needs. Built on a flexible client/server architecture, Caido supports local or remote hosting, allowing seamless access from anywhere. Its project management system simplifies switching between targets and eliminates the need for manual file handling, keeping workflows organized.Starting Price: Free -
36
XDAO
XDAO
XDAO – expanding multichain DAO ecosystem built for a decentralized future. The main idea of XDAO is to allow people to create a decentralized autonomous organization of any size. XDAO is working on delivering a product that reveals the full potential of a company on a blockchain by providing it with all the tools they need for successful operations. For more savvy users XDAO can also be described as an off‐chain voting mechanism with on‐chain execution. The XDAO is a winner of the BSC Hackathon, HECO Hackathon and also granted by Polygon over the summer of 2021. What can be done with XDAO: ‐ DeFi project treasury team management. ‐ Salary treasury/marketing treasury for any blockchain organization. ‐ Grant program/bug bounty treasury. ‐ Investing in DeFi with mutual assets. ‐ Investing in NFT and GameFi. ‐ Charity. ‐ Joint participation in any Allocations, IDOs or Launchpads. ‐ Family treasury management and many other use cases.Starting Price: free -
37
Hacktrophy
Hacktrophy
Remove the security vulnerabilities of your website or mobile app before you become a target of cyber attack. In cooperation with ethical hackers, we will look for the security vulnerabilities of your site or app. The goal is to protect your sensitive data from black-hat hackers. Together we set test goals and conditions of testing, as well as rewards for security vulnerabilities found. Ethical hackers start testing. If they find a vulnerability, they send you a report that we will review. You fix the vulnerability and the hacker gets a reward. Security specialists continue looking for vulnerabilities until the credit is over or the package expires. Testing of IT security by a community of ethical hackers from around the world. Testing proceeds until your budget for ethical hacker rewards is spent. Possibility to define your own testing objectives and procedures. We will help you set the appropriate amount of rewards for ethical hackers. -
38
DIA
DIA Association
DIA (Decentralised Information Asset) is an open-source oracle platform that enables market actors to source, supply and share trustable data. DeFi applications are reliant on trustable and scalable data feeds to build reliable products and avoid exploitation and manipulation. DIA leverages crypto-economic incentives and the wisdom of the community to source, validate and deliver trusted financial data. Bounties for data sourcing and data validation get funded with DIA tokens and are completed for reward. All data is pulled from primary sources to DIA servers. The DIA database gets hashed on-chain, and all scraper code and documentation is hosted on Github. All data is accesible via API endpoints or Oracles. Lending platforms, index providers, prediction markets and other users can freely acces DIA’s open-source, validated data streams. -
39
bitcoin.de
bitcoin.de
Largest Bitcoin marketplace in Europe with over 900,000 customers. First and so far only Bitcoin marketplace worldwide trading with audited Bitcoin customer portfolios by a publically accredited auditing company (last audit as per 05.10.2020, next audit in October 2021). Over 98% of the Bitcoin customer portfolios are stored offline. All Bitcoin.de servers are located in secure data processing centers in Germany. Regular security audits by external companies. Advantage of a market place such as Bitcoin.de: your funds always remain on your own bank account covered by statutory deposit insurance. Most Bitcoin exchanges on the contrary hold your funds as a rule unsecured on the company bank account of the exchange operator with the risk of a total loss should the exchange operator become insolvent. Other advantages are the Bug Bounty program, encrypted email transmission and much more. -
40
SuperBots
UpBots
New product of the UpBots eco-system, SuperBots was launched 2 weeks ago, and is the result of a work made possible by the investment of Alameda Research. SuperBots is a decentralized protocol for automatic trading based on algorithms. After many audits of our innovative protocol, including Certik and SolidProof, as well as a bug bounty on Immunefi which validated the security of our smart contract, the DApp is finally available, and works with the UBXT token, listed on FTX, Kucoin and many DEX. We have already added several features, like the SuperVault and will continue to add other unique features, like decentralized trading in leverage, futures, etc... We have just started, with a product on BSC, and will soon launch on ETH and Polygon. Our user base is growing and we hope to continue its growth with your help. -
41
ConvergePoint Conflict of Interest Disclosure
ConvergePoint
The ConvergePoint Conflict of Interest Disclosure software offers a comprehensive solution for COI disclosures and managing conflicts within your organization. Employees can use the COI software to self-submit disclosures for such activities as gift and entertainment disclosures and complete scheduled annual disclosures assigned by the compliance team. -
42
Trickest
Trickest
Join us in our mission to democratize offensive security with tailored best-in-class solutions that address the unique needs of professionals and organizations. Evolve from the terminal to a specialized IDE for offensive security. Use Trickest’s library of tool nodes, import your own scripts, or drop in your favorite open-source tools all in one place. Choose from template workflows for common tasks and a growing list of 300+ open source tools the security community loves. Run your workflows in the cloud with easy autoscaling and cost controls. Skip manual infrastructure setup and stop paying for idle VPSs. No more digging through filesystems for your old runs, use Trickest’s spaces, projects, and workflow versioning to stay on top of even the most complex projects. Trickest is for anyone who interacts with offensive security: enterprise security teams, red teams, purple teams, specialized pen testers, bug bounty hunters, security researchers, educators, etc. -
43
PortSwigger Web Security Academy
PortSwigger
The Web Security Academy is a strong step toward a career in cybersecurity. Learn anywhere, anytime, with free interactive labs and progress-tracking. Produced by a world-class team - led by the author of The Web Application Hacker's Handbook. The Web Security Academy is a free online training center for web application security. It includes content from PortSwigger's in-house research team, experienced academics, and our founder Dafydd Stuttard. Unlike a textbook, the Academy is constantly updated. It also includes interactive labs where you can put what you learn to the test. If you want to improve your knowledge of hacking, or you'd like to become a bug bounty hunter or pentester, you're in the right place. The Web Security Academy exists to help anyone who wants to learn about web security in a safe and legal manner. You can access everything (for free) and track your progress by creating an account. -
44
Burp Suite
PortSwigger
Burp Suite is a leading range of cybersecurity tools, brought to you by PortSwigger. We believe in giving our users a competitive advantage through superior research. Each new edition of Burp Suite shares a common ancestor. The DNA running through our family tree represents decades of excellence in research. As the industry has shown time and time again, Burp Suite is the tool you can trust with your online security. We designed Enterprise Edition with simplicity as a top priority. Discover easy scheduling, elegant reports and straightforward remediation advice - all in one powerful package. The toolkit that started it all. Find out why Burp Pro has been the penetration testing industry's weapon of choice for well over a decade. Nurturing the next generation of WebSec professionals and promoting strong online security. Community Edition gives everyone access to the basics of Burp.Starting Price: $399 per user per year -
45
BC Vault
BC Vault
BC Vault is a new generation of crypto hardware wallet that stores your private keys on a safe hardware device, whose design is tailored to the needs of both seasoned and nascent crypto investors. It embodies a reasonable blend of functionality, reliability, independence and security. BC Vault is birthed by comprehensive research, tests and the thirst to offer you a nonpareil experience. BC Vault is unlike any other crypto hardware wallet on the market right now, as it is a truly secure, easy-to-use cryptocurrency vault, which has multiple unique features, currently unavailable on other devices. It supports the most coins and tokens from all the crypto HW wallets on the market. Every shipped BC Vault device has a 1BTC bounty crypto wallet preloaded in it. In essence, every wallet has a private key for a wallet containing 1 BTC. If you can break it, you can be 1 BTC richer.Starting Price: $130 one-time payment -
46
Deloitte Halo
Deloitte
Deloitte Halo can be promoted to potential Whistleblowers inside an organization or externally to the wider defined group of Eligible Whistleblowers. Our service can be tailored to complement any organization’s brand, culture, size of footprint, or clients can choose our simpler off-the-rack offering. By using Deloitte Halo, Whistleblowers and Eligible Recipients are guided and supported by our platform and our team through the disclosure process and can independently access updates on the case they have lodged at any time. Halo has been expanded to include a complaints module which allows you to receive, triage and remediate complaints from your entire customer base. We have also added a registers module which allows you to track items like gifts, conflicts, accidents all within the tool. -
47
Objective Redact
Objective
Redaction software for security conscious organizations. Protect yourself and your organization from accidental disclosure. Know that you’ve redacted any confidential word, phrase or number. It’s an awful feeling when, after manually redacting a document, you can’t help but wonder if you’ve got every word. Yes, “find and replace” works, but only to a certain point. Hidden metadata may still be lurking in your document. Protect yourself and your organization from accidental disclosure. Objective Redact is powerful, automated redaction software that makes redaction much faster, internal review much easier, and keeps your most sensitive information safe. It is ideal for compliance and disclosure processes, redaction is easier and faster; and can handle large volumes of and long, complex documents. Permanently remove all text content marked for redaction, including hidden metadata such as authors, creation dates and other attributes that can be stored in a file.Starting Price: $76.49 per month -
48
Sifchain
Sifchain
Sifchain is the brainchild of Sif, the Norse goddess of earth, agriculture, fertility, family, and marriage. She brings abundance, pleasure, and wisdom wherever she goes. She has blessed a hearty band of 21st century humans with the task of instantiating Sifchain in our universe. Sif represents the collaborative nature of the blockchain industry and the lush rewards that can be found in cultivating connections between multiple other chains. The vision of her moving gracefully through her fields, harvesting a bountiful array of crops, the culmination of all of her hard work and forethought, is what we strive to reproduce in our work on Sifchain. We hope you’ll join us in these noble pursuits. Sifchain is the omni-chain solution for DEXes. More performant, more robust cryptoeconomics for trading and security, more flexible trading capabilities, an extensible omni-chain roadmap and eventual true DAO governance. Sifchain is the future of DeFi. -
49
ARK
ARK Ecosystem
Whether you're a blockchain enthusiast, a solo developer, or a 100+ strong Enterprise, ARK has the blockchain solutions you've been searching for. The ARK Public Network (APN) is the official home of the native ARK crypto asset. The APN is integrated with the ARK Blockchain Platform as well as Projects, products, and swap services to give Blockchain developers the best tools to succeed. ARK is fully open source allowing anyone to contribute. Earn bounties for your contributions and join a thriving community of developers just like you. The ARK Blockchain Framework architecture is fully modular, allowing you to customize your chain to fit your application's needs. ARK Logic allows you to create your own custom Smart Transactions that allow your application to implement native Smart Contract functionality in a simple way. -
50
Hackrate
Hackrate
Check us out at hckrt.com! 🔐 Hackrate Ethical Hacking Platform is a crowdsourced security testing platform that connects businesses with ethical hackers to find and fix security vulnerabilities. Hackrate's platform is designed to be easy to use for both businesses and ethical hackers. Hackrate's platform is a valuable tool for businesses of all sizes. By crowdsourcing their security testing, businesses can gain access to a large pool of experienced ethical hackers who can help them find and fix security vulnerabilities quickly and efficiently. If you are looking for a way to improve the security of your business's systems and applications, then Hackrate Ethical Hacking Platform is a great option to consider.Starting Price: €250/month
