Bug Bounty programs

6ix IT launch this bug bounty program to improve global security over the Internet. Privacy and personnal data becomes more and more sensitive, that's why we offer this bug bounty program platform.

As a company you can offer as much bug boutny programs (and rewards) as you want. Describe your application and what part you want to be tested. Code source analysis, pentest or malwar analysis (reverse enginnering), just setup your needs. The CrowdSec community will handle it and start to finds bugs.

Crowdsourced security - Your own BugBounty Program

Discover why you should offer a bug bounty program

Crowdsec is a crowdsourced security program which goal is to make profit any connected company for the security consultants skills. Using the crowsourced model, any skilled hacker can help you finding (and fix) your security bugs. This project have been designed to encourage security research for every website exposed on the Internet and to reward those who help us create a safest Internet.

You'll only pay for discovered vulnerabilities.
Adobe, Mozilla, Facebook, Google or Paypal. Most of the mains IT enterprises are using bug bounty programs.


With Crowdsec, you're in control how much you spend for your security. To make sure you see results from your bug bounty, there's a minimum budget of 50€ per month. Beyond that, how much more you spend is up to you.

Only pay for results

You only pay when vulnerability are found. There are no additional fees so your budget is spent entirely on finding conception flaws or application vulnerability.

Set your monthly budget

This option will be soon available on Crowdsec platform. You'll be able to adjust your budget, start, stop or change your managed program at any time.

How to

Create as much as bug bounty program as you want.

You're starting a new website ? Get it tested by the best IT security expert.
You think your application is not secure or your got any doubt on the reliability of your developpers ? Run a pentest on it. Need a malware analysis ? Here we are.

Setup your bug bounty program.


  • Public: Any registred ITSec Expert can see & work at your application. Just review submitted vuln.
  • Private: Programs detail is hidden, YOU choose who you want to work on your apps.

Types of audit:

  • Code source analysis: Attach your sourcecode and wait for code abnormality to be found
  • Pentest: Get your website pentested
  • Reverse enginneering: Get your malware or any other binary analyzed.

Increase your security

As a registred bug bounty owner, you'll be able to visualize and review the discovered vulnerability.

Running a BugBountyProgram on Crowdsec ensure your application to be tested by the best IT Security expert.
Make sure to obtain completes audit report for your Web/Mobile application.


A vulnerability has been submitted, you reviewed it. POC is working.

You now have to reward the pentester. Just "Accept" The vulnerability from your dashboard and the security expert will be rewarded.
Coins will be instantly transferred.

Bug hunters

As soon as bug hunters got a coin into their wallet, they'll have the possibility to withdraw them.
For the moment, money withdrawals are made manually. This workflow will be improved in a later release of the bug bounty platform.

Log in Sign up

Alios autem dicere aiunt multo etiam inhumanius (quem locum breviter paulo ante perstrinxi) praesidii adiumentique causa, non benevolentiae neque caritatis, amicitias esse expetendas; itaque, ut quisque minimum firmitatis haberet minimumque virium, ita amicitias appetere maxime; ex eo fieri ut mulierculae magis amicitiarum praesidia quaerant quam viri et inopes quam opulenti et calamitosi quam ii qui putentur beati.

Responsible Disclosure Policy