About Crowdfense

Which vulnerability/exploit types are eligible?

voidsec2024-02-29T17:32:34+04:00We acquire high-risk vulnerabilities accompanied by a fully functional and reliable exploit. Please refer to our Exploit Acquisition Program for a list of eligible exploits and scope.

What are the benefits of reporting a vulnerability to Crowdfense instead of reporting directly to the vendor?

voidsec2024-02-20T15:46:04+04:00We pay the highest bounties in the industry. Our payouts will exceed everything that a vendor can offer. We believe researchers need to get paid for their efforts, and we are willing to offer higher rewards. Our Vulnerability Research Hub (VRH) offers a streamlined process from vulnerability submission to reclaiming your bounty.

Why submit through Crowdfense?

voidsec2024-02-20T15:45:08+04:00We pay the highest bounties in the industry. We believe researchers need to get paid for their efforts, and we are willing to offer higher rewards. Our Vulnerability Research Hub (VRH) offers a streamlined process from vulnerability submission to reclaiming your bounty.

Is Crowdfense hiring security researchers?

voidsec2024-02-29T17:31:25+04:00We often seek vulnerability researchers to join our internal zero-day research team. Crowdfense researchers conduct cutting-edge vulnerability research and exploit development. They find zero-day vulnerabilities, write in-depth root-cause analyses, contextualise the vulnerabilities and attack vectors, and identify patterns in emerging and established attack surface areas. Visit our careers page to find employment opportunities.

Who are Crowdfense’s customers?

voidsec2024-02-20T12:20:47+04:00Crowdfense customers are government institutions in need of advanced zero-day exploits and cyber security capabilities. Crowdfense adheres to unparalleled export control, compliance, due diligence, and vetting standards to ensure transparency and accountability for the world’s most trusted vulnerability acquisition platform.

How is the acquired security research used by Crowdfense?

voidsec2024-02-20T12:20:24+04:00Crowdfense reviews, tests and validates all the acquired vulnerability research. It's then customized and documented and then provided to institutional clients.

What are the differences between Crowdfense and other bug bounty programs?

voidsec2024-02-20T12:20:05+04:00We pay the highest bounties in the industry. Our payouts will exceed what other bug bounty programs can offer. We believe researchers need to get paid for their efforts, and we are willing to offer higher rewards. Our Vulnerability Research Hub (VRH) offers a streamlined process from vulnerability submission to reclaiming your bounty.

What is Crowdfense?

voidsec2024-05-29T00:00:22+04:00Crowdfense is the world-leading research hub and acquisition platform for high-quality zero-day exploits and advanced vulnerability research. Led by cybersecurity experts, our platform hosts a global community of top-tier independent researchers with unmatched skills in advanced vulnerability research and exploit development. Crowdfense pays the highest bounties in the industry to acquire zero-day exploits and advanced vulnerability research.