How Crowdsource works
Crowdsource ethical hackers find web vulnerabilities
Our ethical hackers find vulnerabilities in widely used systems, such as a CMS, framework, or library. They then submit it with a proof-of-concept to Crowdsource.
Detectify integrates these vulnerabilities into its products
The proof-of-concept is reviewed internally. Once accepted, it's built into the scanner so all customers get access to this.
Detectify customers scan their assets for the vulnerabilities
The ethical hacker is rewarded for each 'hit' - by reporting the vulnerability once, they help secure hundreds of websites with automation.
Giving customers more value
The latest security knowledge is automated to detect commonly exploited vulnerabilities and allow specialists to focus on more challenging security bugs.
A large scale focus so that everyone benefits
Crowdsource supports all Detectify customers, regardless of their size or turnover. Because Crowdsource ethical hackers find vulnerabilities across commonly used technologies, all Detectify customers benefit.
Democratizing security knowledge
We take the knowledge of experts and put it into the hands of those that need it the most.
Crowdsource and ethical hacking
Learn more about how we work with ethical hacking and see some of the faces of the Crowdsource community
Meet the communityCrowdsource in numbers
.png)
2,472
Modules provided by Crowdsource researchers
.png)
344k
Vulnerabilities found in Detectify customer assets
.png)
400+
Top ranked ethical hackers in the Crowdsource community
FAQ
Yes, but with a twist! A bug bounty program is where ethical hackers can report a specific company's vulnerability and receive payment for the find. Crowdsource works a bit differently from this. Our ethical hackers report bugs found in commonly used technologies to Detectify's Security Research team. Once the Security Research team verifies that the vulnerability is exploitable, the research gets automated into our products. This benefits all of our customers using the affected technology instead of only one company at a time.
An ethical hacker is an individual who exposes vulnerabilities in a system but in a lawful way. All ethical hackers that are part of the Crowdsource platform are subject to a background check before joining. You can read more about ethical hacking and how Detectify works with ethical hackers across all of our Crowdsource pages.
Crowdsource ethical hackers contribute as freelancers and are not employees of Crowdsource or Detectify. They report vulnerabilities that they find and receive payment when the vulnerability is located in customer assets.
Yes, they can. We do not limit any ethical hacker to collaborate with Detectify Crowdsource exclusively.
No client-specific information is shared with Crowdsource ethical hackers. Any shared information is redacted and aggregated to guide ethical hackers to widely used technologies present among Detectify's customers.
Currently, only Crowdsource ethical hackers can submit vulnerabilities for rewards. If you're interested in joining the community and you think you've got what it takes, apply now! If you're a customer that has discovered a widely applicable vulnerability and you'd like to share it with our broader customer base, please reach out to us.
We have a list of accepted technologies, but it is up to the Crowdsource ethical hackers to decide what vulnerabilities they want to submit for each technology. We do guide our ethical hackers to focus on what technologies are the most important for our customers.
Free 2-week trial
Benefit from the power of automated ethical hacker knowledge by trying Detectify for free
Get started now