
Introducing the Hall of Fame

Julie Kuhrt

Today, we’re excited to launch the Cobalt Hall of Fame, a place where we recognize the best security researchers on our platform. While many researchers have received monetary rewards and thank-you messages from businesses across the world, we want to highlight the great efforts our security researchers have made to make the web a safer place.

Cash Rewards + Hall of Fame

The “Hall of Fame” is a widely recognized way to highlight the contributions and efforts of testers in the bug bounty community. In some cases, businesses do not offer cash rewards; rather, they only mention security testers in their respective Hall of Fame. At Cobalt, we believe that quality reward programs need both cash rewards and a hall of fame mention. The cash reward gives a tester motivation to take the time to look deep into the application, while a hall of fame adds a competitive element as well as the personal recognition that skilled testers deserve.

Cobalt Researcher Rankings

On the Cobalt platform, all vulnerability report feedback is given directly to researchers by the businesses hosting bug bounty programs. Business feedback plays an important role in determining a security researcher’s overall Rep score. Below are the current scores given based on vulnerability.

In addition to scoring vulnerability feedback, the businesses also give feedback on the quality of vulnerability reports (on a 1 to 5 scale). Overall, high report quality can increase a tester’s Rep score by up to 50%.

Duplicates, Rejections, and Out of Scope

Duplicate vulnerabilities are a regular discussion topic in the security research community. Here is how we handle common vulnerabilities in the Cobalt Hall of Fame:

  • Duplicate vulnerabilities are given a positive score to recognize the value of the tester’s work despite the issue being found by another tester.

  • Rejected vulnerabilities are given a neutral score.

  • Vulnerabilities assessed as “Out of Scope” negatively impact a tester’s score. Because these various vulnerability ratings can potentially negatively impact scores, it is important that testers understand the detail and scope of the bounty programs in which they participate.

Congratulations to the testers who are currently listed on the Hall of Fame — we look forward to seeing who will join these researchers in the future. Best of luck!
