There are many different programs of which to choose from, some have different criteria to meet in order to participate. There are public program, registered programs, application programs, and private programs, all of which you can learn more about here.

On the Intigriti platform you can browse through the available programs and make a choice on what you like the look of and at what captures your interest at first. Next read through the program details to understand which domains are relevant. Pay close attention to what is in scope, and what is out of scope as this is critically important in safeguarding researchers. The customer has set up the program specifically for testing on the information provided, so this needs to be understood and respected. There may be limits to what methods can be used for performing tests. Therefore, if you have certain vulnerabilities you prefer to test, this is another reason to be clear on what is permitted.

If you like the program and have began testing it be sure to follow it, because occasionally there will be updates which you will receive notifications on, this could be something that was previously out of scope, and now could possibly be added into scope, or vice versa. maybe more domains could be added, there are any number of updates that could occur.