Audit & Bug Bounty (BB)
Bug Bounty program - also known as a vulnerability rewards program (VRP), offers rewards to individuals (security researchers, hackers) for uncovering and reporting software bugs. The public Bug Bounty program has unlimited time and budget and everyone on the platform can participate. Bug bounty can be done for both closed and open-source code.
Audit - is a service that will be done by a specific company auditor for a limited time and money and by limited specialists. Auditing can be done for both closed and open-source code.
Option | Bug Bounty | Audit by company |
---|---|---|
Limited time | usually no | yes |
Limited budget | usually no | yes |
Everyone can submit vulnaribility report | yes (and no for private programs) | no |
Program owner (client) can pay in native token, stable coins, fiat | yes | no (usually stable coins and fiat) |
Only specific company can participate | no | yes |
Can be done for both closed and open-source code | yes | yes |
Last updated