We are pleased to announce the categories for this year’s Buggy Awards. These awards represent a select group of individuals and organizations who have done fantastic work in the bug bounty space in the past year.

These awards highlight the achievements of top performing customers and researchers and serve as a reminder about what is essential to maintaining the health of the community as a whole.


Top Program Awards

For our top public bounty programs, we are awarding three companies who are truly committed to both the Bugcrowd researcher community and to running an outstanding bounty program.

Best Response Time
This award will go to the organization who responds to triaged vulnerability submissions the quickest. We prioritize transparency and commitment, and this award celebrates the organization that is truly on top of their program and communication with the researchers.

Program of the Year
This year we’re introducing a new program to celebrate the work that goes into setting up a bounty program. Based on several variables including reward range, communication, scope breadth, and general participation, this award goes to the most well-rounded program managed by Bugcrowd.

Researchers’ Choice
We surveyed our active 2016 crowd members twice this year to find out what their favorite program was and “why?” While it is important to have a well-rounded program, the ultimate decider of success is the researcher community.


Top Bug Hunter Awards

For our top bug hunters, we are recognizing three individuals based on vulnerability submission data and one individual for their outstanding contributions to the community.

Top Kudos Points
This award went to the researcher with the highest Kudos points on Disclosure Only programs. This award is important because programs like ISC2, which is a not-for-profit security education and certification company, are incredibly devoted to security but don’t offer cash bounties.

Most Non-Duplicate P1’s
These researchers have gone above and beyond, most consistently submitting the highest quality bugs in 2016, and providing tremendous value to organizations. This award honors the researchers who found the most P1s across all Bugcrowd programs.

Most Valuable Hacker
This award was given to the hacker demonstrating excellence in submitting high-severity bugs, a high volume of bugs, AND doing so with a high accuracy rate. The minimum criteria for this category are an acceptance rate greater than 95%, an average priority greater than 3.0 and an invalid rate less than 10%.

Outstanding Community Contribution
In addition to celebrating the work researchers have submitted to Bugcrowd programs, we’re also recognizing additional contributions to the Bugcrowd community. Much of the content we distribute to new community members is also community generated. The sharing of resources and tips is crucial to the growth of this community and this award thanks the top contributors to that goal.

We’re looking forward to announcing the finalists next week and the winners in each of these categories the following week. To receive notifications as updates are available, enter your email below: