Skip to main content
Sending Program Updates

updates, scope changes, bonus week, program rules

Inti avatar
Written by Inti
Updated over 9 months ago

Program updates allow you to communicate to the researchers on your platform and can be used as an effective way to drive activity and engagement on your program.

Researchers will receive an e-mail directly from you when you send out the update.

When can I use Program Updates?

Program updates can be used for many different reasons, below are the most common uses:

  1. Functionality updates - you could sync these updates to your release cycle and even opt to send them out automatically based on release notes, using our API.

  2. Technical updates - a new version or a rewrite of certain aspects of your applications, can also be communicated through an update

  3. Changes to the test credentials you're providing, for example when more privileges are being offered in the testing scope

  4. Additional (temporary) incentives - a Bonus Week where researchers receive a 20% bonus for certain assets, vulnerabilities etc.

  5. Highlighting program rules

Who gets notified?

  • On a Private program: All researchers who have accepted the invitation will receive the update.

  • On an Application program: all researchers who accepted the invite before the change from Private to Application program + all researchers who have submitted a vulnerability on your program since

  • Registered or Public program, same as application + all researchers who are following your program

!! Important note

If you send out an update about a scope change, be sure to also update the Domains or Program Details!

Where can I send out an update?

As a Program Editor, Program Admin or Company Admin, you can go to the Program menu / Updates and prepare an update. You can prepare an update as a draft and publish it later.

Updates can be found in the program menu:

Updates can be drafted and saved as a draft (Save) or Published immediately.

You can write a draft and ask you success manager to double check.

Examples

New Functionalities

Title: New functionalities available!

Body:

Dear researchers,

Good news! We have added new hunting ground to our program!

As of now, we support xx functionality on xx applications.

We're curious to know what you can find πŸ‘€πŸ‘€

Happy hunting,

Heavy Scanning

Title: Note on Heavy scanning

Body:

Dear researchers,

We are currently experiencing heavy loads because of intrusive testing.
Please stop your heavy scanning and adhere to the limit of 5 requests / second, as stated in the program description.

Keep in mind the Intigriti code of conduct which expects you to adhere to program rules at all times.
​https://kb.intigriti.com/en/articles/5247238-community-code-of-conduct

Thanks,

New Feature

Title: New feature released

Body:

Dear researchers,
​
We released a lot of new features. You can find all information here: [link]. We look forward to seeing what new vulnerabilities you might discover.


The new features involve:

  • …

Happy hunting!

Regards, the security team

New Scope

Title: New scope released

Body:

Dear researchers,


We added 2 new domains to our bug bounty program (tier [x]):

  1. Xxx

  2. Xxx

Happy hunting!
​
Regards, the security team

New Credentials Uploaded

Title: New credentials available

Body:

Hi all,

We have uploaded new credentials and deleted all the old credentials for the following assets in scope:

  • Asset 1

  • Asset 2

You can use the credentials button in the right top corner to request new credentials! Feel free to reach out to support if you have any issue with these credentials.

Happy hunting!
​
Regards, the security team

Did this answer your question?