Bug Bounty

Bug Bounty Program

Run a world-class bug bounty program. Accept reports, triage by severity, fix vulnerabilities, and reward researchers.

Start Free Read the Docs

Capabilities

Complete bounty management

Submission Portal

Structured vulnerability submission with severity classification, reproduction steps, and CVE tracking.

Severity Triage

Four-level severity system: Low, Medium, High, Critical. Route by severity for appropriate response times.

Reward Management

Configurable reward ranges per program. Track payouts, pending rewards, and total bounty spend.

Program Management

Define scope, rules, reward ranges, and eligibility. Run multiple programs for different products.

Submission Workflow

Full lifecycle tracking from submission through triage, acceptance, fix, and payout.

Difficulty Rating

Rate vulnerability difficulty from trivial to critical. Inform reward decisions with effort-based scoring.

Developer Integration

Manage bounties programmatically

bug-bounty.ts

import { DRD } from '@drd/sdk';

const drd = new DRD({ token: 'drd_live_sk_...' });

// Create a program
await drd.bugBounty.createProgram({
  name: 'Platform Security',
  scope: 'All public APIs',
  minReward: 100,
  maxReward: 10000,
});

// Submit a vulnerability
await drd.bugBounty.createSubmission({
  title: 'IDOR in profile API',
  severity: 'high',
  description: 'Unauthorized access...',
  reproductionSteps: '1. Send GET...',
});

Secure your platform

Harness the global security community. Run a bounty program that finds vulnerabilities before attackers do.

Get started free View documentation