Assigning Bonus Bounty

In BugBase, program managers have the option to assign bonus rewards to hackers in addition to the regular bounties. Bonus rewards are additional monetary rewards given to hackers for exceptional contributions or for going above and beyond in their reports.

When deciding to award a bonus, program managers should consider the following factors:

  1. Quality of the report: Bonus rewards can be given to hackers who have submitted high-quality reports that are well-written, detailed, and include all the necessary information for the program manager to understand and reproduce the vulnerability.

  2. Impact of the vulnerability: Bonus rewards can be given to hackers who have found vulnerabilities that have a significant impact on the organisation.

  3. Cooperation and communication: Bonus rewards can be given to hackers who have cooperated well with the program managers and provided timely and detailed information throughout the reporting process.

  4. Additional Research: Bonus rewards can be given to hackers who have done additional research and provided additional information about the vulnerability or potential exploitation scenarios.

  5. Uncovering a Chain of Vulnerabilities: Bonus rewards can be given to hackers who have uncovered a chain of vulnerabilities or have found multiple vulnerabilities in the same target

  6. Promotions: Promotions can be used to increase engagement with your program by offering hackers an additional incentive to participate. For example, you can offer bonus rewards for the first X number of valid reports submitted during a specified time frame, or for issues found within a specific product or feature.

It is important to note that bonus rewards are not mandatory and program managers have the discretion to award them as they see fit. It is a good way to recognise and incentivize exceptional contributions from hackers.

To set an bonus

You can only set bonus if there's already a bounty assigned to the report.

  1. Go to the top of the report page and click on the "Assign rewards" button.

  2. Enter the bonus amount and click on save changes.

Last updated