Upon launching your Researcher Program you have to define a maximum budget for rewards. Researchers will see how much you are willing to spend on your Researcher Program. Zerocopter can help you choose an appropriate budget based on your applications and program scope.
This budget has no relation to your monthly subscription fee. You will receive a separate invoice once per month for payments made by us towards researchers who have found vulnerabilities.
The researchers are from all over the world besides countries that are on the U.S. sanctions list.
For our researcher programs we work with a carefully selected group of security experts worldwide. We check personal information through an ID verification, review ethical hackers track record through an internet background check and the selection is done by our own security experts. When irregularities occur we are authorized to exclude a researcher from the community.
With a researcher program we offer the possibility to have a selected group of the best ethical hackers search for unknown vulnerabilities on your website. All researchers in our platform are screened and tested, so we can be sure we only work with the best and the most reliable researchers in the world. All reported issues are reviewed and validated by the Zerocopter’s Triage Team before publishing it to the dashboard. The researchers will be rewarded on a no-cure-no-pay basis, per approved vulnerability.
In a Responsible Disclosure policy you ask when someone discovers a vulnerability in your online environment to report it as soon as possible so you can address it quickly. This policy is visible to all of your users by for example mentioning it on your homepage. Vulnerabilities discovered by users are compiled by Zerocopter and reported to you in an easy to understand overview of the problem. The reports are presented in your own dashboard, you and your team will receive an email when a report has been added or edited.
The scanner finds known vulnerabilities in your site. Our scanner is a combination of the best vulnerabilities scanners available on the market. For example, Nessus is implemented in our scanner and we are working to implement more scanners for every aspect of your organisation.