In order to obtain a higher rank in the leaderboard you will want to score as much reputation points as possible while also maintaining a high validity ratio. These metrics are one of the crucial factors that are looked at when being picked for a private program by its administrators.

Reputation points

One part of researcher quality is indicated by the amount of reputation points this specific researcher has acquired on the platform. 

At intigriti we have chosen to award our researchers for valid submissions, rather than punish them for occasional errors. Therefore the amount of reputation points for any researcher will only increase upon acceptance of valid submissions (and never decrease for invalid submissions).

For which submissions are reputation point awarded?

  • Acceptance of a submission (valid vulnerability)
  • Duplicate of a valid submission

How many reputation points will be awarded?

The amount of reputation points will vary according to the submission severity, first report / duplicate / accepted risk and are following:

  • None: 0 reputation points
  • Low: 5 reputation points
  • Medium: 20 reputation points
  • High: 25 reputation points
  • Critical: 40 reputation points
  • Exceptional: 50 reputation points
  • Duplicate: 1/5th of the reputation points of the parent submission

Different visualisations of these reputation points

Throughout the platform, we will use the reputation points in different visualisations:

  • All time reputation points shows the total of reputation points gathered by the researcher during his/her entire lifecycle on the platform. This metric gives an indication of seniority for the dependent researcher
  • 90 days reputation points shows the amount of reputation points that is gathered by the researcher in the last 90 days (reputation points are awarded upon submission acceptance). This metric gives an indication of recent activity on the platform, and allows us to give recent talent a change to be noticed

Validity ratio

Another indicator that is used to measure quality for a researcher is his/her personal validity ratio. This ratio will provide us with an insight in the % of submissions that are considered to be valid in relation to the total amount of submissions that were submitted by this researcher.

What is considered to be a valid submission?

  • All accepted submissions
  • A submission that is rejected as duplicate of a valid submission
  • A submission that is rejected as accepted risk
  • A submission that is rejected as informative

What is considered to be an invalid submission?

  • A submission that is rejected as SPAM
  • A submission that is rejected as Not applicable
  • A submission that is rejected as Out of scope

Streak

A third metric on the platform is the streak. This metric shows us the top severity of all submissions that were submitted by this researcher in the last 90 days, given that these submissions were:

  • Accepted by the company
  • Rejected as a duplicate

Since the origin for this metric is the submission severity, possible values for the streak are:

  • Low
  • Medium
  • High
  • Critical
  • Exceptional

Leaderboard ranking

Throughout the platform, different leaderboards exist:

  • All time leaderboard
  • Leaderboard from the last 90 days
  • Leaderboard per quarter
  • Leaderboard per month
  • Leaderboard per program

How do we rank our researchers?

At all times the leaderboard ranking is determined by reputation points (which are applicable for that specific leaderboard). In case of an ex aequo, streak will be used to break the tie. 

Did this answer your question?