Bug Bounty Testing Clarity: What Are Researchers Doing?

Brandon Torio

Bug bounty programs offer a powerful way to get diverse perspectives on your attack surface and find exploitable vulnerabilities. But how can you be sure that the security researchers participating haven’t missed something, or that they’ve checked the parts of your attack surface that matter most?

At Synack, our solution takes the best elements of a bug bounty program by utilizing the Synack Red Team, a global community of 1,500+ vetted researchers, to find vulnerabilities across your attack surface. Researchers are incentivized with payouts that match the severity of their findings; payouts are handled by Synack and are included in your subscription cost. Results are triaged by Synack’s in-house team, lightening the load on your internal security teams.

All testing is enabled through the Synack Platform, which provides unmatched visibility into researcher activity and the ability to communicate with researchers to reproduce findings or to verify that patches have been implemented.

Know What’s Being Tested, Where It’s Happening and How Often It’s Occurring

With Synack365, you can view researcher activity in real time and start and stop tests as needed. To provide better testing oversight, we maintain live views that list all API, web and host assets being tested.

How many researchers are testing these assets, and where are they looking for vulnerabilities? What kinds of vulnerabilities are they checking for? Synack’s Coverage Analytics reveals researcher activity for full transparency. With Coverage Analytics, you can identify which web or host assets have been tested and the nature of the testing performed. This is helpful for auditing purposes and provides proof of testing activity.

Unmatched Oversight of Coverage

Other forms of security testing are unable to provide the details and information that come from Coverage Analytics. Bug bounty traffic typically arrives over the public internet, where it is indistinguishable from any other traffic, or is identified by tagged request headers, which only work if every researcher cooperates and sets them on every request. The number of researchers and the hours of testing are not easily tracked by these methods, if at all.

Traditional penetration testing, too, offers no direct way to measure how much traffic a tester actually sent to each asset. Our LaunchPoint VPN infrastructure connects the Synack Red Team to customer assets, so testing traffic arrives from known infrastructure and can be measured during a test. We frequently hear that customers in financial services and other industries are required to provide this kind of information to their auditors as proof of testing.
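To make the distinction concrete, here is a small illustration of the two attribution methods the paragraphs above contrast: a cooperative tag header versus a known egress address range. This is an added example written for this page, not Synack’s Coverage Analytics or LaunchPoint code. The log format (a vhost-prefixed combined log with the value of a hypothetical `X-Tester` header appended as the last quoted field), the header name, the researcher identifiers and the egress range `198.51.100.0/24` are all assumptions, and the log lines are constructed sample data.

```python
"""Attribute web-server requests to a test engagement, two ways:
by a cooperative tag header, or by source address inside a known egress range.
Requests that carry neither cannot be attributed at all.
Hypothetical example; not Synack's implementation."""
import ipaddress
import re
from collections import defaultdict

# Constructed sample log lines (not real data). Assumed format:
#   vhost client_ip - - [timestamp] "METHOD path HTTP/x" status bytes "X-Tester value or -"
SAMPLE_LOG = """\
api.example.com 203.0.113.10 - - [10/May/2023:14:02:11 +0000] "GET /v1/users HTTP/1.1" 200 512 "researcher-17"
api.example.com 203.0.113.11 - - [10/May/2023:14:02:15 +0000] "POST /v1/orders HTTP/1.1" 403 88 "-"
www.example.com 198.51.100.7 - - [10/May/2023:14:03:01 +0000] "GET /login HTTP/1.1" 200 2048 "researcher-42"
www.example.com 198.51.100.8 - - [10/May/2023:14:03:09 +0000] "GET /search?q=%27 HTTP/1.1" 500 310 "-"
www.example.com 192.0.2.5 - - [10/May/2023:14:04:22 +0000] "GET /login HTTP/1.1" 200 2048 "-"
"""

# Hypothetical egress range that all VPN-routed tester traffic comes from.
TESTER_EGRESS = [ipaddress.ip_network("198.51.100.0/24")]

LOG_RE = re.compile(
    r'^(?P<host>\S+) (?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+ "(?P<tag>[^"]*)"$'
)


def parse_line(line):
    """Parse one log line into a dict; return None if it does not match the format."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["path"] = entry["target"].split("?", 1)[0]  # drop query string for per-path counts
    entry["tag"] = None if entry["tag"] in ("", "-") else entry["tag"]
    return entry


def attribute(entry, egress_nets=TESTER_EGRESS):
    """Return (method, tester_id): ("header", id), ("egress", ip) or ("unattributed", None).

    The header wins when present because it identifies the individual researcher;
    an egress-range match proves the request came through test infrastructure
    even when the researcher set no header."""
    if entry["tag"]:
        return ("header", entry["tag"])
    addr = ipaddress.ip_address(entry["ip"])
    if any(addr in net for net in egress_nets):
        return ("egress", entry["ip"])
    return ("unattributed", None)


def coverage(log_text, egress_nets=TESTER_EGRESS):
    """Per-host summary: request counts by attribution method, distinct testers,
    and the set of paths that attributed (i.e. provably test) traffic touched."""
    summary = defaultdict(lambda: {
        "header": 0, "egress": 0, "unattributed": 0, "testers": set(), "paths": set()
    })
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        method, tester = attribute(entry, egress_nets)
        host = summary[entry["host"]]
        host[method] += 1
        if tester is not None:
            host["testers"].add(tester)
            host["paths"].add(entry["path"])
    # Sort the sets so the output is stable and easy to compare or report.
    return {
        h: {**v, "testers": sorted(v["testers"]), "paths": sorted(v["paths"])}
        for h, v in summary.items()
    }


if __name__ == "__main__":
    for host, stats in coverage(SAMPLE_LOG).items():
        print(host, stats)
```

In the sample, the request from `203.0.113.11` to `/v1/orders` sets no header and does not come from the egress range, so it is indistinguishable from ordinary internet traffic and cannot be counted as coverage, even if a researcher sent it. The request from `198.51.100.8` also carries no header, but because it arrives from the known range it is still attributed to the test. That is the practical difference between header tagging, which depends on researcher cooperation, and routing test traffic through known infrastructure.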

A look at the Classified Traffic & Vulnerabilities view in Synack’s Coverage Analytics. Sample data has been used for illustration purposes.

Benefits of Coverage Analytics

  • Know what’s being tested within your web and host assets: where, when and how much
  • View the traffic generated by the Synack Red Team during pentesting
  • Take next steps with confidence; identify where you may need supplemental testing and how to prioritize it

Starting today, security leaders can reduce the unknowns of adversarial testing by knowing what’s being tested, where and how much at any time across both web and host assets. Coverage Analytics makes sharing findings with executive leaders, board members or auditors simple.

If you have questions or are interested in learning more about Coverage Analytics, part of Synack’s Better Way to Pentest, contact us today.