Feature the VDP on the YesWeHack platform
"Featured VDP" is a new platform feature that showcases Vulnerability Disclosure Policies (VDPs) to the YesWeHack Hunters community, instead of publishing VDPs only on specific external webpages.
It enables organisations to:
Collect more vulnerabilities impacting their assets
Ensure the quality of reported vulnerabilities by leveraging YesWeHack's Hunters
Facilitate the communication between Hunters and Organisations.
How does it work?
As an organisation, when you subscribe to a featured VDP, you will then see two different tabs in your Admin Panel: "Featured VDP" and "VDP".
In general, a "Featured VDP" has no scopes, like any other VDP, but you can exceptionally add some.
Hunters will access a new "VDP" tab in their Programs list.
To avoid ambiguity for Hunters, Bug Bounty and Featured VDP programs are never mixed. You can check our current VDP programs here: https://yeswehack.com/programs/vdp
⚠️ Hunters will not receive rewards or points for Featured VDP reports.
Visibility & reporting
Featured VDP programs include a new parameter that limits report submission to KYC-verified Hunters. It also allows programs to be hidden from non-authenticated users.
ℹ️ The combination KYC Required = false AND Pre-auth Visibility = false is impossible.
This parameter named "Hunter audience" accepts 3 options:
Verified (Recommended): The program is visible to anyone and the report submission is only available to KYC verified Hunters.
Authenticated & Verified: The program information and report submission are only visible to KYC verified Hunters.
Global: Report submission is allowed for any Hunter from the YesWeHack community.
How to create a Featured VDP?
VDPs can now be featured on the platform and displayed to YesWeHack hunters, in a dedicated tab.
ℹ️ You must be a Business Unit Owner or a Business Unit Manager to be able to create Featured VDP programs.
Go to the "Admin Panel"
Click on “Featured VDP" tab
Click on "+Featured VDP" to create a new program
The configuration panel of the Featured VDP is very similar to that of other platform products, to simplify setup.
Fill in “VDP details & configuration”:
Title and tags
VDP state (enabled or disabled)
Hunter audience
Reporting, which controls whether Hunters can attach videos to their vulnerability reports
Attractiveness (as mentioned in the first part of this article, Hunters will not receive rewards or points for submitted VDP reports, but you can still thank Hunters here for their help.)
Define a Service Level Agreement (SLA)
Write your “Policy” description
ℹ️ Reach out to your Customer Success Manager (CSM) if you would like to have guidance.
Click on “Create”