root@hckrt: ~#
Frequently asked questions about Hackrate
Below you'll find answers to the questions we get asked the most about Hackrate
What is Hackrate?
Hackrate is an ethical hacking platform, previously referred to as a bug bounty platform. Our services are designed to make organizations’ cybersecurity projects more transparent by providing a crowdsourced approach with a global community of highly skilled ethical hackers.
What is HackGATE?
HackGATE™ is a managed gateway for security testing. As the industry's first comprehensive solution for monitoring pentest projects, it enables organizations to have more transparency and better control over security testing initiatives.
What kind of services does Hackrate provide?
Hackrate offers a range of services to help companies improve their security posture, such as: Pentest as a Service, Attack Surface Management, Managed Vulnerability Disclosure Programs and Managed Bug Bounty Programs.
Who is Hackrate for?
Hackrate is for any organization that wants to improve its IT security systems, regardless of industry. Our clients come from a range of different sectors, such as finance and banking, healthcare, telecommunications, e-commerce, technology, and more.
What are the benefits of Hackrate, for ethical hackers?
As an ethical hacker, signing up for Hackrate can be a great way to utilize your skills and earn money while helping improve software and systems' security. We provide a professional report validation team, an easy-to-use platform, a wide range of bug bounty programs, and unparalleled support.
What are the benefits of Hackrate, for organizations?
Hackrate provides a way for organizations to crowdsource security testing and get notified about critical vulnerabilities in their systems before malicious hackers discover them. This is a cost-efficient way to strengthen the organization’s security, improve brand awareness, and comply with regulations. Our enterprise-level monitoring appliance called HackGATE™ is purpose-built to empower you, ensuring the highest level of control throughout the process.
What is a managed vulnerability disclosure program?
A managed vulnerability disclosure program (mVDP) provides a secure process for bug reporting by enabling ethical hackers to share their findings in a managed way, effectively reducing the risks associated with disclosing vulnerabilities through unauthorized channels. Implementing mVDP sends a clear message on behalf of your organization: you value the contributions of ethical hackers and recognize their importance in your security posture.
What’s PTaaS?
PTaaS stands for Penetration Testing as a Service. By employing verified hackers, integrating with ticketing systems, and providing in-depth assessments and real-time visibility, PTaaS offers a safe, controlled way to test your systems and improve your organization’s security posture.
What is a bug bounty program?
A bug bounty program is about using the power of crowdsourced security to protect your business. In a bug bounty project, a company can reward ethical hackers for reporting vulnerabilities.
How do you make sure that the ethical hackers are trustworthy?
We use layered protection to verify the trustworthiness of ethical hackers with whom we work at Hackrate. To provide a group of selected and verified ethical hackers, we are using Onfido ID verification services. Our customers have full control over which hackers they want to work with. Ethical hackers who reach the highest level of trustworthiness are selected into the Hackrate Elite Club.
Do you have an NDA?
Yes. Ethical hackers are bound by strict rules. For more details, visit our Terms page.
How many ethical hackers are testing at one time?
The ethical hackers working on each project depend on the customer’s specific needs. The customer can choose to start a public or a private program. In the case of a private program, the customer decides which ethical hackers they want to invite.
Is the service continuous?
The duration and frequency of the service depend on the client’s needs. We believe that continuous security testing has many advantages over one-time pen tests. Still, it is entirely up to the customer’s decision, whether they want a year-long partnership or only require testing for a 1-month period.
Will I get recommendations for fixing vulnerabilities on the platform?
Yes. Communication is an integral part of our reporting services. In addition, for customers who decide to opt in, Hackrate’s OpenAI integration also provides AI-generated tips on how to fix vulnerabilities.
How do you reward ethical hackers?
Hackrate fully manages the payment of rewards to ethical hackers, after receiving permission to do so.
Is retesting included in the services?
It depends on the customer’s needs. If they require retesting, we will include it in their package.
Do you have insurance?
Yes, Hackrate has cyber insurance.
Our organization uses automated vulnerability scans. Is this enough?
No. Automated vulnerability scans do a great job at giving you a quick overview, they often leave critical gaps that can expose businesses to potential risks, giving them a false sense of security. It is highly recommended to employ a more holistic approach, with a range of different testing methods for a stronger security posture. For more info, read our blog post on automated vulnerability scans.
How much does Hackrate cost?
The pricing of Managed Vulnerability Disclosure Programs starts at 200 EUR/month. The pricing of managed bug bounty and PTaaS services primarily depends on the scope of the projects and your company’s specific needs.
Does Hackrate offer support?
Yes, we do offer support to our customers. If you have any questions, our team is happy to help. Just drop us a line at [email protected].
Hackrate
Our platform helps companies to identify software vulnerabilities in a cost-efficient way. It provides a secure and centralized view of ethical hacking projects for your company.
US Patent Applied for HackGATE #63/645,845
Products
From the Blog
-
Why choose managed Vulnerability Disclosure Programs (mVDP)?
Aug 30 • 10 min read
-
Pentesting AI Applications with Hackrate and SplxAI
Aug 12 • 4 min read ★
-
Navigating the NIS 2 directive - Key takeaways
Aug 06 • 6 min read