$0 for dashboard usage
$0 for access to 7000 hackers
$0 for program kick-off
10% fee for valid bugs

Our customers only pay for vetted bugs and triage services.
We handle all policy and payment transactions.
Access to the HackenProof platform will always be free.

Ease into
bug bounty
Use HackenProof dashboard to validate
hacker reports yourself, only paying a
10% bug fee.
+ 10% bug fee
  • Customer support
  • Launch up to 2 public Bug Bounty
Get your turnkey program
Triaging hacker reports is cumbersome job.
Delegate it to us and get only the vuln
reports you don't want to miss.
/ month with yearly subscription
$1400 with monthly payment
+ 10% bug fee
  • Dedicated program manager
  • Launch up to 2 Bug Bounty Programs,
    private or public
Go beyond casual
bug hunt
Pre-program vulnerability assessment, full
triage, 10% off on pentest by Hacken, and a live
hacking challenge to elevate your program!
/ month with yearly subscription
$2000 with monthly payment
+ 10% bug fee
  • Dedicated program manager
  • Launch up to 5 Bug Bounty Programs,
    private or public
  • Pre-Vulnerability Assessment
  • 10% off on pentest from Hacken

Frequently Asked Questions

A bug bounty is a program where a company provides a monetary reward to an independent security hacker who reports a bug or a security vulnerability. Rewards can vary from hundreds to thousands of dollars depending on the impact and severity of the vulnerability.
We believe that a crowdsourced approach to security is the natural evolution of traditional penetration testing. For many organizations, running a variety of vulnerability scanners and penetration tests is the only solution for cybersecurity. It’s also no secret that, no matter how advanced, automation only goes so far–it finds only what it knows.
Private programs are fully confidential and are available only to a selected number of hackers. They offer our clients the opportunity to tap into the power of crowdsourced security testing – a vast number of testers with rich skill sets and perspectives for focused testing in an invite-only program.
The reported bug must be recognized by the company as a valid unique bug within the program scope, which can be reproduced and verified by the company.