Creating a Program

To launch your bug bounty program for your product or application, you need to create a program.

Creating a program is simple. Just follow these steps:

1. Log in to your organization account, go to the "Program" menu, and click the '+' icon in the top right corner of the page.

1. Select your desired program type (Managed or Unmanaged).

2. If you choose "Managed," it will prompt you to select either a public or private program. Since we currently do not offer private programs, select "Public."

1. After selecting "Public Program," you will be prompted to choose between running a "Reward & Points" program or a "Points Only" program.

1. Once you select 'Reward & Point,' you can add the program details.

• Program Name: The name of your product/app, which will be publicly available to all users.

• Tagline: The product tagline, if you have one.

• Description: A description of your product that explains what it is all about.

• Additional Description: Any extra information you want to include.

• Upload Logo: Upload your product logo.

For example, we will be creating a Program of 'eSewa' , here's how it is done.

1. After entering all the details, click on 'Continue' to access the target form.

Here, you’ll need to specify the scope or testing URLs where you intend to conduct security testing, defining the areas for researchers to focus on during the assessment.

You can add more targets by clicking the '+' icon in the top right corner. Currently, we support the following target types:

• Website

• API

• Android

• iOS

For Android and iOS, you can include the Play Store or App Store link.

1. After adding the targets, click on 'Continue' to proceed to the next step, where you will add the reward.

Here, you can define your own reward range based on the severity of the vulnerabilities.

Note: The rewards must be listed in descending order.

1. After adding the rewards, click on 'Continue' to review your program. You can edit or make changes if needed.

2. Once you’re satisfied, click on 'Submit.' Your program will require approval before going LIVE, which typically takes 1-2 business days.

3. Your recently created program will appear on the program page with a status of 'Pending.'