Bug Bounty Service

Our fully managed Bug Bounty programme will enable organisations to leverage our community of registered ethical hackers with the identification of exploits and vulnerabilities across an organisation’s critical applications and systems.

Ethical hackers will be incentivised to find valid security issues in return for cash rewards based on the severity and likelihood of the vulnerabilities identified.

Our Bug Bounty Service Launches in 2022

We will be building a community of ethical hackers who can share knowledge, compete for kudos, and earn excellent bounties for the vulnerabilites they uncover.

If you are interested as a business looking for a repuatable and well managed bug bounty service, or as a hacker looking for a place to make good money for great work, register your interest to be updated as our service evolves.

How Bug Bounty Works


Our community of Ethical Hackers and Security Researchers identify a security vulnerability with the in-scope systems. This is reported to Rootshell Security.


Our professional services team validate the reported vulnerability and it is given a risk rating using our likelihood X Severity (Critical, High, Medium, Low, Informational).


If validated, this is communicated to the client and a full documented report showing how the vulnerability is identified including evidence and mitigation recommendations.


Rootshell Security make a payment to the Ethical Hacker/Security Researchers for the value of the vulnerability.