Close

Other sites

Close

JOIN US

Be part of one of the most trusted Bug Bounty platform.

Why YesWeHack?

YesWeHack is an innovative and ambitious company
Acting as a learning lab, YesWeHack mobilizes the power of its global community to make security agile and accelerate digital transformation of its clients.
Already #1 in Europe
Launched in 2013, YesWeHack has become the European leader in Bug Bounty, with offices in France, Switzerland and Singapore.
Strong values and a global vision
YesWeHack founders have always supported the recognition of cybersecurity researchers and their decisive contribution to the Internet global security.

“For my first bug bounty, i was very happy. Thank you a lot YesWeHack”

 

– Sébastien Andrivet 

“A bug hunter is to Bug Bounty, what the muzzle is to the dog : it’s all about flair! ;)”

 

– SaxX 

“YesWeHack platform provides an effective framework that fosters researchers’ trust towards client programs.”

 

– Hisxo 

1
3

What we offer

The best bug bounty programs
Founded in 2013, YesWeHack pioneered Bug Bounty in Europe and established the first research community in Europe, securing organizations of all industries and sizes – from startups to government departments.
The most trusted community of white hat hackers
YesWeHack ensures the protection of its researchers by providing a trusted technological, legal and financial framework – compliant with the most demanding standards.
By researchers, for researchers
YesWeHack founders are deeply rooted in the global community of cybersecurity researchers – proudly heralding their freedom, creativity and responsibility values.
Frequently Asked Questions
What is Bug Bounty ?

Bug Bounty applies the principle of crowdsourcing to cybersecurity: mobilize a community of experts, to test a scope and reward these researchers for each vulnerability discovered, according to its severity and the quality of the report provided. Initiated by Netscape in 1995, the Bug Bounty transforms the cybersecurity posture of organizations by bringing together security effectiveness, agility and ROI.

How YesWeHack was created?

YesWeHack was created in 2013 by experts and cybersecurity enthusiasts, deeply rooted in the the researcher’s community, and then holding executive positions as cybersecurity consulting partners or CISOs. Their dual experience as cybersecurity researchers AND professionals led them to the following conclusions: – Organizations lacks proper Coordinated Vulnerability Disclosure process for researchers to safely report vulnerabilities they discover; – Researchers are not encouraged enough for their efforts and contribution to global cybersecurity; – Organizations growing needs for agility are not satisfied by traditional solutions, whose ROI is also difficult to measure; – Those traditional solutions leave too many dead angles on these organizations attack surfaces; – The chronic shortage of cybersecurity skills is a major challenge for both client organizations and service providers. – Based on these findings, they created a platform connecting organizations and researchers ensuring the confidentiality and security expected by both parties: yeswehehack.com.

What is a "researcher"?

A researcher (or “hunter”) is a individual who detects and reports vulnerabilities through a Coordinated Vulnerability Disclosure or a Bug Bounty program – and thus works at the overall improvement of cybersecurity.

How are the researchers rewarded?

For each vulnerability, only the researcher who submitted the first valid report is rewarded. Researchers are rewarded according to a predefined grid for each program: the level of severity of the vulnerability, as qualified by the client, thus determines the amount of the reward. Bounty payment is managed by a third-party payment platform that meets European compliance requirements and thus guarantees traceability of financial flows. Points are also awarded, in particular according to the quality of the report and the remediation. These points allow researchers to climb in our ranking, and thus encourage them to provide a qualitative experience to the client.

How does YesWeHack guarantee the integrity and ethics of its researchers?

By registering to our platform, our researchers sign our GTU committing them to strictly comply with the rules of each program they participate, as well as the confidentiality of the data to which they are likely to access. Our hunters also agree to comply with the fiscal obligations of the country they legally belong to, according to their status and place of residence. In addition, the financial rewarding of researchers submits them to a prior screening (KYC) through our payment platform. Finally, researchers are rewarded with points used to rank them on our platform. This rating takes into account the quality of their interactions with customers, and thus encourages them to offer the best possible experience.