The Bounty Table Benchmarking Dashboard compares your program’s bounty table with similar-sized organizations (by annual revenue) so you can make informed decisions when setting your rewards. A well-structured bounty table is essential for attracting and retaining top ethical hackers. Programs that offer competitive rewards typically experience higher levels of participation and engagement. Your bounty table is published to hackers in your Program Guidelines under Rewards summary.
Revenue categories are:
<$1M
$1-5M
$5-20M
$20-100M
$100-250M
$250-500M
$500M-1B
$1-5B
$5-10B
>$10B
You can select how you want Your program bounty to be displayed when assets in the same severity class have different bounty amounts (i.e. if Asset A and Asset B have different rewards for a Critical vulnerability):
Min: shows the minimum bounty reward for the severity class
Max: shows the maximum bounty reward for the severity class.
Data on this dashboard is real-time & refreshed hourly.
To learn more about the features and functionality available on all dashboards, see the Dashboards documentation.
Critical Vulnerabilities
Shows your program’s bounty reward for critical vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
High Vulnerabilities
Shows your program’s bounty reward for high vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
Medium Vulnerabilities
Shows your program’s bounty reward for medium vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
Low Vulnerabilities
Shows your program’s bounty reward for low vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.