Bug Bounties

Bug Bounties are specialist programs where security researchers, also referred to as bug hunters, are rewarded for discovering and privately disclosing security vulnerabilities. Bug Bounties are a popular, and sometimes cost-effective, mechanism for diversifying internal security operations by crowd-sourcing external security experts. Simply put, the likelihood of discovering major vulnerabilities increases with the number of people actively looking for them.

One popular bug hunting technique which has proven to be very successful among security researchers is the active fingerprinting of domains, IP addresses, ports and other related resources which fall under the bug bounty scope. Like real attackers, bug hunters are trying to find a weakness to gain some kind of basic access. Fingerprinting helps achieve exactly this by utilizing various types of passive and active attacks, often falling under the banner of Open Source Intelligence (OSINT).

SecApps Scout uses the exact same intelligence gathering techniques a real attacker would use, but does so in a fully automated fashion backed by large clusters of computing resources and data sets. The aggregated data is analysed and filtered using proven data models. Finally, the data is presented to the end-user for consumption.

SecApps Scout not only helps security researchers discover vulnerabilities in bug bounty programs, it also helps organizations, with or without bug bounty programs, be more proactive in protecting their public infrastructure.
