# Create a Bug Bounty Program on BugBase ### Pre-requisites * Company Account on **BugBase**. You can [**Register here!**](https://bugbase.in/register) ### Create a Bug Bounty Program 1. Login to your BugBase account and visit **`Programs`** page from your company dashboard. 2. Click on the create new Program button. 3. Select the type of Bug Bounty program you want to create. {% hint style="info" %} Private Bug Bounty is ***Exclusive for selected researchers.*** {% endhint %} {% hint style="info" %} Public Bug Bounty is will be ***open to entire BugBase bounty hunter community.*** {% endhint %} 1. **Enter username** for the program you wish to create. 2. **Define scope of your program** {% hint style="info" %} Click on **Add an Asset** button to create a new asset. {% endhint %} **Defining scope in your program** ( Create scope groups ). * Enter scope group name * Select the type of scope group label * select if the scope group should be in-scope or out of scope {% hint style="warning" %} **In scope** - bounty hunters ***are allowed*** to penetrate the scope group\ **Out scope** - bounty hunter ***are not allowed*** to penetrate the scope group {% endhint %} * Select if swags are given along with bounty on successful report submission * Enter the bounty values provided based on report priority * Select multiple assets you wish to add to the scope group. {% hint style="info" %} To create a new scope group click on the **"Create New Scope Group"** button {% endhint %} * Click on the next button 3. **Define participation guidelines:** * Check yes if you want reports on issues outside the scope * Check yes if your program abide by conduct for good-faith security research * Check yes if you wish to give the opportunity to the hacker to request to make the reports public after resolution * Click next 4. **Provide specific areas of concern**. (This could include any surface like login/registration page, any panel etc. * Click next 5. **Provide additional details** * Select the type of activities you want the researcher to get into while they are working on your program. * Select the type of environments your assets are running in, you can select multiple values if there are multiple assets * Select the technologies and frameworks used on these assets you selected before. **Rules of Engagement** * Check yes if you want to collect all the IPs of the reporters in this program * Check yes if you want to allow multiple researchers to collaborate with one another while testing your program * Specify a custom user agent the hacker should include in their requests to your asset to track * Enter the max number of requests allowed per second * Specify a custom header the hacker should use to track their activities * Click next 6. **Brand your program** * Upload a program image * Select a colour for program banner * Fill out program name (this should be different from program username you entered before. * Write a program tagline for hackers to see when they view program * Mention the program website (Mention your main website) * Write a description for your program 7. **Schedule your program Launch** * Select when you want your program to go live from calendar * click next 8. **Review your program** * Check all the details you filled in all these steps and you can go back and edit any of these section if you click on the edit icon in their respective section * You can also go back to the respective section if you click on the left sidebar by clicking on the section you want to go back to. {% hint style="info" %} Click on the **Save and Continue Later** button if you want to resume creating the program in another time. {% endhint %} {% hint style="success" %} You have successfully created your Bug Bounty program with BugBase 🎉 {% endhint %} --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.bugbase.ai/how-to/create-a-bug-bounty-program-on-bugbase.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.