Building the knowledge of the world's best ethical hackers into the Detectify platform
Benefit from an always updated Detectify platform that's fuelled directly by Crowdsource, our community of hand-picked ethical hackers.
How Crowdsource works
Crowdsource ethical hackers find web vulnerabilities
Our ethical hackers find vulnerabilities in widely used systems, such as a CMS, framework, or library. They then submit it with a proof-of-concept to Crowdsource.
Detectify integrates these vulnerabilities into its products
The proof-of-concept is reviewed internally. Once accepted, its built into the scanner so all customers get access to this.
Detectify customers scan their assets for the vulnerabilities
The ethical hacker is rewarded for each 'hit' - by reporting the vulnerability once, they help secure hundreds of websites with automation.
Giving customers more value
The latest security knowledge is automated to detect commonly exploited vulnerabilities and allow specialists to focus on more challenging security bugs.
A large scale focus so that everyone benefits
Crowdsource supports all Detectify customers, regardless of their size or turnover. Because Crowdsource ethical hackers find vulnerabilities across commonly used technologies, all Detectify customers benefit.
Democratizing security knowledge
We take the knowledge of experts and put it into the hands of those that need it the most.
Crowdsource in numbers
Modules provided by Crowdsource researchers
Vulnerabilities found in Detectify customer assets
Top ranked ethical hackers in the Crowdsource community
Detectify helps 10,000+ users manage their attack surfaces
Is Crowdsource a bug bounty program?
Yes, but with a twist! A bug bounty program is where ethical hackers can report a specific company's vulnerability and receive payment for the find. Crowdsource works a bit differently from this. Our ethical hackers report bugs found in commonly used technologies to Detectify's Security Research team. Once the Security Research team verifies that the vulnerability is exploitable, the research gets automated into our products. This benefits all of our customers using the affected technology instead of only one company at a time.
What is an ethical hacker?
An ethical hacker is an individual who exposes vulnerabilities in a system but in a lawful way. All ethical hackers that are part of the Crowdsource platform are subject to a background check before joining. You can read more about ethical hacking and how Detectify works with ethical hackers across all of our Crowdsource pages.
Are the ethical hackers in Crowdsource hired by you?
Crowdsource ethical hackers contribute as freelancers and are not employees of Crowdsource or Detectify. They report vulnerabilities that they find and receive payment when the vulnerability is located in customer assets.
Can an ethical hacker work for multiple bug bounty platforms as well as Crowdsource?
Yes, they can. We do not limit any ethical hacker to collaborate with Detectify Crowdsource exclusively.
Do Crowdsource ethical hackers have access to client information?
No client-specific information is shared with Crowdsource ethical hackers. Any shared information is redacted and aggregated to guide ethical hackers to widely used technologies present among Detectify's customers.
Can Detectify customers also submit vulnerabilities?
Currently, only Crowdsource ethical hackers can submit vulnerabilities for rewards. If you're interested in joining the community and you think you've got what it takes, apply now! If you're a customer that has discovered a widely applicable vulnerability and you'd like to share it with our broader customer base, please reach out to us.
How do you choose which technologies ethical hackers will focus on?
We have a list of accepted technologies, but it is up to the Crowdsource ethical hackers to decide what vulnerabilities they want to submit for each technology. We do guide our ethical hackers to focus on what technologies are the most important for our customers.