The Bounty Table Benchmarking Dashboard compares your program’s bounty table with similar-sized organizations (by annual revenue) so you can make informed decisions when setting your rewards. A well-structured bounty table is essential for attracting and retaining top ethical hackers. Programs that offer competitive rewards typically experience higher levels of participation and engagement.
Tip: Your bounty table is published to hackers in your Program guidelines under Rewards summary.
The annual revenue categories are:
<$1M
$1-5M
$5-20M
$20-100M
$100-250M
$250-500M
$500M-1B
$1-5B
$5-10B
>$10B
You can select how you want your program bounty to be displayed when assets in the same severity class have different bounty amounts (i.e. if Asset A and Asset B have different rewards for a Critical vulnerability):
Min: shows the minimum bounty reward for the severity class
Max: shows the maximum bounty reward for the severity class.
Data on this dashboard is real-time & refreshed hourly.
On each chart, you can:
Explore - This enables you to take a deep dive into your data to see what areas you need to focus on to improve your program.
Add a custom benchmark - Specify the kinds of programs you want to compare your program to based on Industry, company headcount, company revenue, program type, and asset type.
Show the data in table format - switch between the graph and table views.
More—Export the data from the chart, view it in full-screen mode, and show point labels.
To learn more about the features and functionality available on all dashboards, see the Dashboards documentation.
Critical Vulnerabilities
Shows your program’s bounty reward for critical vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
High Vulnerabilities
Shows your program’s bounty reward for high vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
Medium Vulnerabilities
Shows your program’s bounty reward for medium vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.
Low Vulnerabilities
Shows your program’s bounty reward for low vulnerabilities compared to organizations of similar size by 50th percentile (median), 75th percentile, and 95th percentile.