The Bug Bounty Engagement Simulator is a modeling tool designed to help you predict potential reward and submission outcomes for new Managed Bug Bounty engagements over a six-month period. It uses inputs such as target scope, reward range, and anticipated crowd size to generate these simulations.
Generating Engagement Simulation
To create the engagement simulation, follow these steps:
-
Select a Security Program and go to the Summary tab.
-
In the Engagements section, click the Try out the simulator button.
The Bug Bounty Engagement simulator page is displayed.
-
In the Targets section, add the following for each target:
- The URL or Name
- Select a category or a tag from the Tags drop-down menu. You can select and delete categories and tags in the Tags drop-down field.
You can add multiple targets by clicking the Add another target button.
Once a target is added you can click the red bin icon to delete it.
-
In the Reward range section, select the range that reflects your organization’s security maturity to indicate the expected payout for each vulnerability. You can choose from our preset ranges—Elite, Mature, or Young—or define your own custom range.
-
In the Crowd selection section, select the crowd size from the drop-down.
-
Click Generate simulation.
The Simulation generated successfully message is displayed. You can view the Simulated outcomes in the Bug Bounty Engagement simulator page.
Managing Engagement Simulation
In the Bug Bounty Engagement simulator page, you can Edit details, Start again, or Download the simulation as a PDF.
You can view the simulated outcomes, using the All, Rewards, Submissions, Monthly, and Cumulative filter options.
To start a new engagement from a generated simulation, please click Share with Bugcrowd Support and share the simulation PDF. When submitting your support ticket, select the request type Program/Engagement: Start New Engagement.
Please note: Actual engagement results may vary from generated simulations depending on the complexity of testing and other factors.