Intigriti, Europe’s leading crowdsourced security platform, today announced a significant expansion of its bug bounty platform offerings with the launch of Hybrid Pentesting. The Penetration Testing as a Service (PTaaS) solution combines the pay-for-impact approach of bug bounty programs with the dedicated resourcing strategy found with classic penetration testing. The innovative cybersecurity testing method goes beyond what’s currently available on the market to further empower businesses to counter modern-day cyber threats.
Hybrid Pentesting means organizations achieve results faster than traditional pentests
Hybrid Pentests maintain the time-boxed component of traditional pentesting while tapping into specialized hacking know-how from Intigriti’s community of 50,000 security researchers. A major benefit of Intigriti’s hybrid approach is that it ensures organizations see visible and transparent results delivered within just two weeks. This is significantly faster than traditional pentests, which typically require up to one month to perform the test and then an additional two weeks to get the test results. Given the fast pace of threat evolution, this waiting period can leave companies unaware of potential security issues and open to exploitation.
Hybrid Pentesting supports ISO 27001 and SOC2 for compliance-focussed security testing
Further, organizations can now use Intigriti’s crowdsourced platform to fulfill testing and compliance requirements. Compliance attestations are increasingly required by companies and authorities calling for documented proof of a penetration test. Intigriti’s Hybrid Pentests provide a letter of attestation that companies can share to prove the security maturity of their products.
The new offering will not only assist with compliance requirements, but also open new opportunities for organizations that want to trial crowdsourced security platforms while maintaining a controlled environment.
“Pentesting remains the gold standard for companies and authorities focused on security compliance,” says Pascal Schulz, Hybrid Pentest Manager at Intigriti. “At the same time, we see an increasing awareness of the need for continuous security testing that pentests have not been able to deliver. A hybrid methodology meets both these needs while providing a balanced and agile approach to security testing.”
The solution also brings a new format for seasoned bug bounty hunters to earn a sustainable living
Unlike bug bounty hunting, Intigriti’s Hybrid Pentests ensure security researchers are also paid for the hours they spend searching for vulnerabilities. However, researchers can still earn a bounty reward for every individual bug found during the test, increasing their motivation to ensure they produce results for every test.
Matti Bijnens, a top-performing ethical hacker on Intigriti’s platform who purchased a Tesla car using the bug bounties he earned, has already participated as an Intigriti Hybrid Pentester. Talking about his experience so far, he said, “I love that I get to dive deeper into functionality, without risking ending up with no bounties. Having the base fee ensures I don’t feel like I’m wasting my time following leads. This often results in finding the most interesting vulnerabilities.”
Learn more about Intigriti’s Hybrid Pentesting solution.