Walk-Run-Fly with SafeHats Program
Program Features
Enterprise Program
  • Security Loving Enterprise
  • On demand testing solutions for their product releases
Private Managed Program
  • Enterprise that wants to be the best in offering secure products
  • Safehats managed VRP. Have access to high quality hackers and time bound programs.
Public Programs
  • Set Bountry Amount or Swags.
  • Access to thousands of talented security researchers who are ready to help you to find and report bug
Vulnerability Management
Security page
ISO 2914 Compliance
Bounty Management
Bounty Guidance
Bounty Processing
Researcher Engagement
Managed bounty services
Program management
Hacker Reputation
Hacker messaging
Hacker invitation
Triage Services
Mediation Services Limited Unlimited
Frequently Asked Questions
How do I know which program to start with?

Programs has been designed for enterprises based on their level of security maturity. Early adopters are recommended to start with enterprise program. It is designed for enterprises who want to conduct penetration testing at fixed intervals. Security matured enterprises are recommended with private managed program.

Safehats team will manage the entire program so that they could focus on bug fixing. Once the enterprise is confident of his security posture and want to expose its application to public to receive vulnerability reports that is difficult to exploit.

When is the right time to start bug bounty program?

Security is a continuous effort. With Safehats program, you can run continuous security testing of your applications. With pay per bug (PPB) model approach, it is extremely cost effective solution compared to traditional penetration testing.

What is the bounty amount and minimum budget that I need to set?

We will provide you guidance in setting the bounty amount and bounty budget. It is advisable to allocate budget for minimum six months to one year to see significant benefits and returns on your investment.

Can I hold or disable my program?

Yes it is possible to hold or disable program after the program runs for few months on case to case basis.