skip to Main Content
Researcher Portal
Customer Portal
Why Bugcrowd
Explore The Platform
How it Works
The Bugcrowd Difference
Platform Overview
Integrations
Vulnerability Rating Taxonomy
Products
What We Offer
Penetration Testing
Classic Pen Test
Next Gen Pen Test
Web Application Pen Test
Network Pen Test
API Pen Test
IoT Pen Test
Bug Bounty
Vulnerability Disclosure
Attack Surface Management
Bug Bash
Solutions
By Industry
Financial Services
Healthcare
Retail
Automotive
Technology
Industry
Government
Security
Marketplace Apps
Mergers & Acquisitions
Researchers
Hack With Us
Programs
CrowdStream
Bug Bounty List
FAQs
Help Wanted
Learn With Us
Overview
Bugcrowd University
Ambassador Program
Forum
Leaderboard
Programs
Resources
Resource Library
Resources
Case Studies
Webinars
Events
Glossary
FAQ
Company
About
About Us
Customers
Leadership
Careers
Expertise
Partners
News & Press
Blog
Press Releases
News
Contact Us
Get Started
Contact Us
Researcher Portal
Customer Portal
Open Mobile Menu
Request a Demo
Contact Us
This website use cookies which are necessary to its functioning and required to achieve the purposes illustrated in the
privacy policy
. To learn more or withdraw consent please click on Learn More.
By continued use of this website you are consenting to our use of cookies.
Accept
Learn More
Cookie Settings
Operationally Necessary Cookies
Operationally necessary cookies are necessary to the operation of our sites, services, applications, and tools. These can not be disabled.
Analytics Cookies
Analytics cookies help us understand how visitors interact with websites by collecting and reporting information anonymously.
Advertising Cookies
Advertising cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user based on interest and usefulness.
Submit
x
GLOSSARY
Bug Bounty Program (BBP)
A Bug Bounty Program utilizes a pay for results model, ensuring you only pay for valid results, versus paying for time and effort spent like with traditional testing methods. It’s also important to note that through these programs, companies authorize researchers to not only identify vulnerabilities but to also provide proof of concept. As importantly, any data that a researcher gleans from these POCs are held and protected under the terms and conditions that the researchers and company (and if using a third-party platform, that platform) have set forth. There are two types of program: private (invite-only) and public (open to the full Crowd).
Related Resources:
[Case Study] Dash
[Guide] The Ultimate Guide to Managed Bug Bounty
[Guide] 7 Bug Bounty Myths, Busted
previous post:
Broken Access Control (BAC)
next post:
Hacker
