All Collections
Researchers
Ranking & quality metrics
How can I take part in Hybrid Pentests?
How can I take part in Hybrid Pentests?

All you need to know about the criteria to fulfill to gain access to Hybrid Pentests

Travis Anderson avatar
Written by Travis Anderson
Updated over a week ago

Hybrid Pentests are the newest approach to security testing from intigriti, combining the best of both worlds from traditional pentests and bug bounty programs. Hybrid Pentests only have one researcher scheduled at a time and always require an application. However, not every researcher has the ability to apply for Hybrid Pentests by default. Since you would be closely working with customers, Intigriti wants to make sure that we grant this privilege primarily to those who have proven their mettle (both technical skills, as well as ethical and good conduct, are required).

General Eligibility Criteria

As a researcher, the following criteria need to be met to enter the qualification for Hybrid Pentest Eligibility:

  • Identity must be verified

  • Must be active on the intigriti platform for at least one year

  • At least 80% of submitted reports must be valid

  • At most 33% of reports may be deemed “informative” only

  • At least 50% of reports must have been eligible for bounty

These criteria may also be considered fulfilled if equivalent performance on comparable platforms can be demonstrated. The same goes for researchers who were engaged in part- or full-time employment with the main responsibility of conducting pentests for IT assets.

Specific Eligibility Criteria

If the General Eligibility Criteria are met, researchers are qualified to hold an interview with an intigriti Hybrid Pentest Manager. During this short interview, we will evaluate:

  • Language skills

  • Knowledge and skills specific to pentests

  • Ability to interact with intigriti customers in a professional fashion

If the Hybrid Pentest Manager deems the criteria met, the researcher will receive a flag as “eligible for Hybrid”, granting access to the ability to apply for Hybrid Pentests.

Eligibility for specific Hybrid Programs

Companies may set out additional specific criteria for researchers to be invited to their programs, depending on their requirements and given sufficient reason (such as legal requirements, internal policies, or researcher criteria specific to the scope of the Hybrid Pentest). This is no different from continuous programs but is worth mentioning anyway.

Exclusion Criteria

Researchers can be excluded from possible participation in Hybrid Pentest Programs if there is any instance of violation of either Researcher T&C and/or violation of the Code of Conduct. The same goes for expressing explicitly unprofessional behaviour towards Intigriti staff or Intigriti customers. In both cases, the “eligible for Hybrid” flag may be removed from the researcher, preventing further participation in Hybrid Pentest Programs. Depending on the severity of the violation, Intigriti may also apply further penalties, such as temporary or permanent bans.

Did this answer your question?