How does Hacktrophy work and for which companies is it suitable?

  • 04.06.2017

The Hacktrophy bug bounty program brings a major innovation in IT security for companies doing business online.

The Hacktrophy principle is simple but effective: the company declares a reward for finding security flaws in its application or on its website. Ethical hackers look for these so-called vulnerabilities and report them before they can be misused. The company then repairs these bugs and pays a reward to the hacker through Hacktrophy.

Securing your online services in a more effective way

Security testing by ethical hackers through so-called bug bounty programs is already considered a standard of IT security in the Anglo-Saxon world. Generally, it is a very effective alternative or long-term add-on to penetration testing and security auditing, and it allows even mid-sized companies that cannot afford expensive tests to test their IT security.

While a complex one-time pen-test provides the company with an overview of its overall level of security at a given date, the bug bounty program provides continuous testing of protection by a community of ethical hackers. Additionally, the company can use it to test a new feature, product, or service.

What types of online services should I test with Hacktrophy?

  • Online services dealing with sensitive user data (e.g., personal, payment or accounting data),
  • e-shop or its part (new product category, new feature, …),
  • CRM system, its updated version or new feature,
  • online payment gateway,
  • a new feature of a website, an online application, or a service that works over the Internet,
  • in general, any new product that appears on the Internet or draws data from online databases,
  • third-party solutions located on your servers.

Ethical hackers against black-hat hackers

The way Hacktrophy tests the security of your online system is also a great advantage. While only a few security experts are responsible for internal IT security testing, dozens or hundreds of ethical hackers test the security through the bug bounty program. It is literally a competition for them: everyone in the system tries to proactively find a security vulnerability, but only the one who really finds it gets a reward.

In comparison to present online security testing, Hacktrophy is financially convenient

Rewards for ethical hackers are often significantly lower than the company’s monthly spending on a security department. In Hacktrophy, you set the monthly or yearly limit for rewards for delivered reports from ethical hackers, so you never have to pay more than you can afford. Not to mention that the bug bounty program and hacker rewards cost the company far less than the damage that a discovered vulnerability could potentially cause, including the cost of a damaged reputation.

From the start, the company has the ability to set goals and testing techniques, but also the types of vulnerabilities that are relevant to it or the amount of rewards for ethical hackers.

How does Hacktrophy work?

Bug Bounty Program Process

 

Hacktrophy is designed so that any IT specialist, programmer or IT security specialist can use it. Hacktrophy also provides services for companies that do not have the appropriate professionals. In this program, the Hacktrophy experts help them with the whole security testing process.

Enhance the security of your online projects!

Do you want to join the Hacktrophy bug bounty program but do not know how to get started? Go to our Support section where you’ll find the necessary instructions and information or do not hesitate to contact us. If you want to create your first bug bounty program directly at Hacktrophy, we can help you with the templates we’ve prepared for you along with our security experts.
