Intigriti’s bug bounty platform is catching on. The Dutch company raised 21 million euros in its most recent investment round.
Intigriti’s platform targets two audiences: hackers and organizations. For organizations, the platform offers all the technical requirements for a bug bounty programme. Intigriti arranges the payment infrastructure and a network of 40,000 hackers. For hackers, the platform offers a central dashboard with a wide range of bug bounty programmes. Some hackers use Intigriti as a fixed income stream. For them, bug bounties aren’t a bonus, but a full-time job.
In the most recent investment round, Intigriti raised 21 million euro. The platform is a success. Bug bounty programmes allow organizations to outsource security tests. The alternative is working with a pen testing company. Although there’s nothing wrong with the latter, bug bounty programmes have strength in numbers. Intigriti has a following of 40,000 hackers. This group almost always possesses the skills required to pen-test your systems.
Intigriti bug bounty platform
The sole intermediary is Intigriti, which stays in the background as much as possible. Hackers log in, browse through the available programs, communicate with the client and get to work. When the bug is found, the hacker provides the evidence and is paid through Intigriti. If there’s any doubt about the integrity of a client or hacker, Intigriti jumps in. Everyone is assured of a fair result, without premiums and unexpected costs.
The first investment round took place in 2020. According to Integriti, turnover has increased by 650 percent since then. Most of the organization’s clients are active in Europe. Now, Intigriti looks towards the US and Asia. “We expect crowdsourced security to become a standard career option for talented cybersecurity professionals by 2026”, says Stijn Jans, Chief Executive at Intigriti. “While the remote working culture introduced new security risks, it also provided companies with the opportunity to work with international talent that was previously out of reach.”
Among Intigriti’s clients are the European Commission, Brussels Airlines, Randstad and Kinepolis. Other organizations initiate bug bounty programmes on their own. For instance, Google paid out over 7 million euros to independent security researchers through its Vulnerability Reward Program in 2021. Some hackers received rewards of more than 100,000 dollars. At Intigriti, prizes are rarely this high. Many bounties amount to hundreds or thousands of euros, as illustrated below. The amounts are proportional to the time and skill expected from a hacker. This lowers the barrier of entry. Hackers can work professionally by choosing assignments that match their availability and knowledge.