Bug Bounty and compliance
ℹ️ You must be a Business Unit Manager or a Business Unit Owner to generate a Bug Bounty certificate.
Organisations are often required to demonstrate their security testing strategies and practices—whether to regulatory authorities for compliance purposes or to key stakeholders such as vendors, customers, and partners.
YesWeHack provides a Certificate of Bug Bounty to help with this need. This certificate confirms your active participation in a Bug Bounty program on the YesWeHack platform. It is available for both public and private programs.
The Certificate of Bug Bounty serves as official proof that your organisation is running one or more Bug Bounty programs on the platform. It also specifies the assets included and the start date of each program.
How to generate a certificate
Go to the “Admin Panel”
Click on “Bug Bounty certificates” in the left-side menu
Click on “Generate certificate” on this page
Select the program and scopes you would like to include in this certificate
Click on “Next”
Fill out the company’s information. This will appear in the certificate’s header
Click on “Generate”
The certificate will then appear as pending. It will then be validated by YesWeHack and made available to download as a PDF.
The Business Unit Managers will receive an email notification when the certificate is ready.