Program updates allow you to communicate to the researchers on your platform and can be used as an effective way to drive activity and engagement on your program.

When can I use Program Updates?

Program updates can be used for many different reasons, below are the most common uses:

  1. Functionality updates - you could sync these updates to your release cycle and even opt to send them out automatically based on release notes, using our API.

  2. Technical updates - a new version or a rewrite of certain aspects of your applications, can also be communicated through an update

  3. Changes to the test credentials you're providing, for example when more privileges are being offered in the testing scope

  4. Additional (temporary) incentives - a Bonus Week where researchers receive a 20% bonus for certain assets, vulnerabilities etc.

  5. Highlighting program rules

Who gets notified?

  • On a Private program: All researchers who have accepted the invitation will receive the update.

  • On an Application program: all researchers who accepted the invite before the change in confidentiality + all researchers who have submitted a vulnerability on your program since

  • Registered or Public program, same as application + all researchers who are following your program

!! Important note

If you send out an update about a scope change, be sure to also update the Domains or Program Details!

Where can I send out an update?

As a Program Editor, Program Admin or Company Admin, you can go to the Program menu / Updates and prepare an update. You can prepare an update as a draft and publish it later.

Updates can be found in the program menu:

Updates can be drafted and saved as a draft (Save) or Published immediately.

You can write a draft and ask you success manager to double check.

Examples

New functionalities

Title: New functionalities available!

Body:

Dear researchers,

Good news! We have added new hunting ground to our program!

As of now, we support xx functionality on xx applications.

We're curious to know what you can find 👀👀

Happy hunting,

Heavy scanning

Title: Note on Heavy scanning

Body:

Dear researchers,

We are currently experiencing heavy loads because of intrusive testing.
Please stop your heavy scanning and adhere to the limit of 5 requests / second, as stated in the program description.

Keep in mind the Intigriti code of conduct which expects you to adhere to program rules at all times.
https://kb.intigriti.com/en/articles/5247238-community-code-of-conduct

Thanks,

Did this answer your question?