In order to obtain a higher rank in the leaderboard you will want to score as much reputation points as possible while also maintaining a high validity ratio. These metrics are one of the crucial factors that are looked at when being picked for a private program by its administrators.
One part of researcher quality is indicated by the amount of reputation points this specific researcher has acquired on the platform.
At intigriti we have chosen to award our researchers for valid submissions, rather than punish them for occasional errors. Therefore the amount of reputation points for any researcher will only increase upon acceptance of valid submissions (and never decrease for invalid submissions).
For which submissions are reputation point awarded?
Acceptance of a submission (valid vulnerability)
Duplicate of a valid submission
How many reputation points will be awarded?
The amount of reputation points will vary according to the submission severity, first report / duplicate / accepted risk and are following:
None: 0 reputation points
Low: 5 reputation points
Medium: 20 reputation points
High: 25 reputation points
Critical: 40 reputation points
Exceptional: 50 reputation points
Duplicate: 1/5th of the reputation points of the parent submission
Different visualisations of these reputation points
Throughout the platform, we will use the reputation points in different visualisations:
All time reputation points shows the total of reputation points gathered by the researcher during his/her entire lifecycle on the platform. This metric gives an indication of seniority for the dependent researcher
90 days reputation points shows the amount of reputation points that is gathered by the researcher in the last 90 days (reputation points are awarded upon submission acceptance). This metric gives an indication of recent activity on the platform, and allows us to give recent talent a chance to be noticed
Another indicator that is used to measure quality for a researcher is his/her personal validity ratio. This ratio will provide us with an insight in the % of submissions that are considered to be valid in relation to the total amount of submissions that were submitted by this researcher.
What is considered to be a valid submission?
All accepted submissions
A submission that is rejected as duplicate of a valid submission
A submission that is rejected as accepted risk
A submission that is rejected as informative
What is considered to be an invalid submission?
A submission that is rejected as SPAM
A submission that is rejected as Not applicable
A submission that is rejected as Out of scope
A third metric on the platform is the streak. This metric shows us the top severity of all submissions that were submitted by this researcher in the last 90 days, given that these submissions were:
Accepted by the company
Rejected as a duplicate
Since the origin for this metric is the submission severity, possible values for the streak are:
Throughout the platform, different leaderboards exist:
All time leaderboard
Leaderboard from the last 90 days
Leaderboard per quarter
Leaderboard per month
Leaderboard per program
How do we rank our researchers?
At all times the leaderboard ranking is determined by reputation points (which are applicable for that specific leaderboard). In case of an ex aequo, streak will be used to break the tie.