Some programs are invitation only. This means that the company wants or needs to restrict access to their program to a subset of researchers. Generally, invitation-only bounty programs work the same as public programs. The major difference is that they are private and you have to be invited to participate in the program. Private programs grow over time, adding new scope and targets, higher rewards and may be able to remove previous requirements which enables a larger number of participating Researchers:
- If you are selected to participate in a private bounty at launch, we try and provide an invitation to the program at least 48 hours prior to the start of the program, but please keep in mind that sometimes this is not possible.
- When a program is able to increase the number of participants and you are selected to participate, you will be able to begin testing immediately on the ongoing program.
All invitations are sent from Bugcrowd--not from the actual company running the bounty.
We selectively invite Researchers to private programs based on skill set needed (program determined) and activity (based on your historical statistics). More in-depth information is available here.
To view your invitations, log in to Bugcrowd.
Go to Account > Invites.
This will automatically filter by "Pending Invitations". These are programs you have been invited to, but that you have yet to accept.
You can choose to participate in any program that you are invited to by clicking the ‘Accept Invite’ button on the program card. You can opt out of any specific program by contacting firstname.lastname@example.org.