Vulnerability Intelligence Platform

Real-time actionable security insights from a global community of 1000+ verified security experts enabling the rapid discovery, prioritisation & remediation of Cyber Security Vulnerabilities that exist in your organisation today.

Rapidly Discover, Monitor & Eliminate Cyber Vulnerabilities

Agile Security

Empower your agile development with our platform’s proactive vulnerability identification and remediation tools.

Community Powered

Our platform connects you to over 1000 skilled global security researchers, proactively detecting & preventing exploits before they happen.

Continuous Testing

Revolutionise your security testing with our platform. Get real-time, vetted bug reports from top-tier global researchers within minutes & hours.

High Velocity, Intelligent & Community-Powered penetration testing

Secure, scalable and economical to adopt, the CTB platform enables you to harness the collective intelligence of a global community of 1000+ security researchers and ethical hackers to identify, prioritise, and remediate security vulnerabilities in your critical digital assets.

Capture the Bug's Services Available Today

Bug Bounty Program

Harness the power of our expert global community of security researchers to proactively identify and address hidden critical vulnerabilities on your public-facing assets. Our platform incentivizes researchers with bounties, ensuring you receive continuous testing and protection.

VDP – Vulnerability Disclosure Program

Our platform provides a secure channel for bounty hunters to report their security findings directly to you, helping you stay ahead of potential threats and protect your systems from malicious actors. By implementing a VDP, yous can demonstrate your commitment to security and transparency.

Early detection and mitigation of vulnerabilities

With our vulnerability intelligence platform, businesses can access global community of skilled security researchers to perform a pentest tailored to their specific needs. This is a faster, smarter, community powered and agile way of doing penetration testing.

What is a Vulnerability Intelligence Platform?

CTB’s Community-powered Vulnerability Intelligence Platform delivers modern and frictionless vulnerability disclosure, penetration testing and bug bounty services that provides organisations like yours a more cost efficient and targeted approach to cyber security as part of multi-layered strategy.

We deliver real-time threat intelligence and value based pricing, scalability, agility, faster vulnerability identification, and customisation to meet your unique needs. With access to a community of 1000+ skilled security professionals, you will identify and address potential security risks quickly and stay ahead of emerging threats.

Are you a Security Researcher?

Be a Part of Our Bug Buster Community

Our vibrant and diverse global community of over 1000 security researchers & ethical hackers possess the knowledge and expertise required to test for a wide range of vulnerabilities in any application. We foster knowledge sharing and are actively working to grow the pool of security researchers across the globe.

Capture The Bug security researchers who perform security testing
uses a variety of methodologies including the following

Why Capture the bug?

CTB’s gives access to 1000+ verified global security experts who detect & respond to critical vulnerabilities – well beyond traditional and automated toolchains.

24/7 Protection

Leverage thousands of researchers to continuously find vulnerabilities in your product with CTB’s Bug Bounty program, integrated into your Software Development lifecycle.

Responsible Disclosure

Our CTB platform provides a proven framework for responsible vulnerability reporting and builds positive relationships with ethical hackers. A great place to start your cyber security partnership with us.

What Our Clients Say About Us

Frequently Asked Question

The bounty is the financial reward our security researchers get if they find a verified bug or vulnerability in your site. In the private sector this approach is leveraged all over the world by companies including Amazon, Google, Apple and Paypal not to mention public sector local and central governments including Australia, Switzerland and Europe. In 2016 The US Department of Defence introduced “Hack the Pentagon”, which resulted in 138 vulnerabilities being identified and resolved.

Don’t worry: our ethical hackers are the good guys! But here at CTB we fully understand that trust and confidence is key; therefore we operate on a zero trust basis and stringently work to validate and verify all the security researchers and ethical hacker community that wish to join the Capture the Bug community to support our customers. Our ethical hackers will knock on any “unlocked” doors, but they won’t enter. The clear and unwavering objective is to find critical issues in your systems before they are exploited by the bad guys.

All the security researchers in our team have been formally IDed so we know exactly who they are. Our “hackers” are actually tech specialists with incredible tech skills that they put to work in this way to challenge themselves and make extra money, legally.

You’ll get a full report on what the bug is so your in-house team can fix it. If you need help addressing it, we can help you there, too.

Unfortunately when it comes to cyber crime no business is immune regardless of size or scale. SME’s are targeted all the time – often it’s just the big businesses that make the news. We know of businesses that have had their websites hacked and taken over, internal quote systems shut down meaning they can’t do business, and customer data stolen. Everyone is a target; security providers detected more than 169,000 threats to New Zealand since the middle of last year. Cyber criminals are relentless. Harness the expertise of our hacking community with our next-gen Intelligent Penetration testing. Our cost-efficient and scalable ‘Penetration Testing as a Service’ model ensures expert skills are at your fingertips, thanks to the Capture The Bugs ethical hacking community.

We have not seen that happen. It could perhaps be argued that a zero-day vulnerability or an exploit is worth so much in the black market that a security researcher could be tempted into selling it there rather than getting a bounty from the owner of the system or product. But for some reason, that is not how bug hunters act.

The main reason is that the skill to find zero-days only comes over several years, and once you have several years of experience, you also have a professional profile that’s tied to your past accomplishments. You have earned a reputation in the infosec community, that it does not make sense to risk it all.

Ethical hackers abide by a standard of ethics and morals but are also Id verified before being hired.

Background checks are carried out and documents such as Disclosure policy and confidentiality agreements are signed.

In addition to that, there are the Rules of Engagement,

“It’s a document that expressly outlines what the limits are for the ethical hacker. helping them to provide a strict boundary about what they are allowed to do, and what systems they’re allowed to target.