Bug Bounty Program

Our experience shows that traditional security measures are no longer sufficient to find all critical vulnerabilities in IT systems. Bug Bounty Programs are a new and very effective method to identify vulnerabilities that have remained hidden to date. This involves highly specialised security researchers testing IT systems as part of a competition. These experts are not paid according to the hours worked but on the basis of the criticality of the vulnerabilities they find. This ensures that the return on investment is generally very high. Security gaps, some of which are extremely critical yet have not been found using existing test methods such as penetration tests, are found within a very short time. With a Bug Bounty Program the security of IT systems is enhanced significantly within very little time. It is possible to make a realistic assessment of the latent risk of cyber attacks, and the step-by-step reproduction instructions ensure that the vulnerabilities can be rectified quickly.