Tumar
Tumar - это программа вознаграждения за найденные уязвимости в информационных системах и ресурсах.
Узнать большеЧто такое Tumar?
Tumar - это программа, в ходе которой компания привлекает независимых исследователей (в индустрии называемые "белые хакеры", "багхантеры" или "ресерчеры") для выявления уязвимостей в информационных системах и ресурсах за монетарное вознаграждение.
Компания публично оглашает скоуп и уровень награды, после чего желающие могут пройти
регистрацию на платформе и принять участие в программе.
Подход к решению уязвимости государственных и бизнес информационных систем
Получите прямой доступ к лучшим этическим хакерам. Проводите стресс-тестирование систем, ищите ошибки и устраняйте уязвимости, прежде чем они будут известны.
Исследователи могут обнаружить то, что ваши специалисты могли не заметить или упустить при обеспечении информационной безопасности Ваших систем и ресурсов.
Вы можете создать приватный проект и приглашать исследователей на решение вашей проблемы.
Приняв участие в программе, Вы сможете получить отчет об уязвимостях, подтвержденный аналитиками TSARKA, совместно с рекомендациями по их устранению.
Начните исследование уже сейчас
Для участия в программе необходимо действовать этично и строго придерживаться установленных правил. Обязательно ознакомьтесь со всеми правилами, прежде чем приступать к поиску уязвимостей.
Узнать большеНадежно и безопасно
Наша инфраструктура построена для обеспечения конфиденциальности, безопасности и защиты наших клиентов, партнеров и исследователей.
Соблюдение нормативов
Соблюдение нормативных требований является главным приоритетом, и мы гарантируем, что наши решения, системы и процессы соответствуют применимым законам и постановлениям.
Все конфиденциально
Для обеспечения безопасности потребителей и соблюдения требований клиентов мы используем шифрование на уровне дисков, управляемое AWS, и не собираем, не продаем и не храним данные участников платформы.
Независимая проверка
Наши процессы и системы регулярно проверяются на соответствие отраслевым стандартам независимыми третьими сторонами.
Отзывы
Made Qaznet a little safer
Hello everyone! My name is Stanislav (aka @clevergod), vice-captain of the Codeby team of multiple winners of The Standoff (PHD). I wanted to thank the creators of this site https://bugbounty.kz, as it helped me personally to hand over most of the identified serious and even critical vulnerabilities in the open spaces of Qaznet without contacting or begging for closure from the owners themselves or their administrators, which in turn made Qaznet a little bit safer. Although I didn’t earn a penny of money, I have moral satisfaction from the presence of such a platform, which is very actively developing and gaining momentum and can attract young professionals to legalize the search for vulnerabilities in the treasury and bring obvious benefits to the Motherland!
Stanislav (aka @clevergod)
vice-captain of the Codeby team
Something new for Qaznet
Hey ! My name is Danila, I've been into bug bounty for the last 4 years - https://hackerone.com/danila In the vastness of the Internet in Kazakhstan, after finding a vulnerability, it was not so often possible to send a report, wait for a fix and receive a reward, risking more likely to receive threats - through this platform, you can send a vulnerability and count on a reward and fix a serious problem - something new for Qaznet.
Danila Chalykin
Bughunter
Finding vulnerabilities and getting money is now even more enjoyable!
Hello! I'm Nurlan (Nullrun), a bug bounty enthusiast who has been researching vulnerabilities for several years now :). I can’t help but express my deep gratitude for the unique opportunity to submit vulnerabilities in the treasury and contribute to the security of the network. This not only allows me to participate in the collection of vulnerability identification, but also actively contributes to the development of the bug hunter community. The process of submitting vulnerabilities becomes fun and productive thanks to the features that appear on the platform. The emergence of various companies and the public sector on the tumar.one platform is very encouraging; submitting vulnerabilities and receiving money is now even more pleasant! I cannot help but note the efficiency and professionalism of the team. Triage of reports is carried out within strictly established time frames, which significantly facilitates interaction and helps maintain a high level of efficiency. I look forward to continuing fruitful cooperation and new opportunities for joint development. Thank you for the dynamic and positive development of the platform!
Nullrun
TOP-1 BugHunter tumar.one 2023
Made Qaznet a little safer
Hello everyone! My name is Stanislav (aka @clevergod), vice-captain of the Codeby team of multiple winners of The Standoff (PHD). I wanted to thank the creators of this site https://bugbounty.kz, as it helped me personally to hand over most of the identified serious and even critical vulnerabilities in the open spaces of Qaznet without contacting or begging for closure from the owners themselves or their administrators, which in turn made Qaznet a little bit safer. Although I didn’t earn a penny of money, I have moral satisfaction from the presence of such a platform, which is very actively developing and gaining momentum and can attract young professionals to legalize the search for vulnerabilities in the treasury and bring obvious benefits to the Motherland!
Stanislav (aka @clevergod)
vice-captain of the Codeby team
Something new for Qaznet
Hey ! My name is Danila, I've been into bug bounty for the last 4 years - https://hackerone.com/danila In the vastness of the Internet in Kazakhstan, after finding a vulnerability, it was not so often possible to send a report, wait for a fix and receive a reward, risking more likely to receive threats - through this platform, you can send a vulnerability and count on a reward and fix a serious problem - something new for Qaznet.
Danila Chalykin
Bughunter
Finding vulnerabilities and getting money is now even more enjoyable!
Hello! I'm Nurlan (Nullrun), a bug bounty enthusiast who has been researching vulnerabilities for several years now :). I can’t help but express my deep gratitude for the unique opportunity to submit vulnerabilities in the treasury and contribute to the security of the network. This not only allows me to participate in the collection of vulnerability identification, but also actively contributes to the development of the bug hunter community. The process of submitting vulnerabilities becomes fun and productive thanks to the features that appear on the platform. The emergence of various companies and the public sector on the tumar.one platform is very encouraging; submitting vulnerabilities and receiving money is now even more pleasant! I cannot help but note the efficiency and professionalism of the team. Triage of reports is carried out within strictly established time frames, which significantly facilitates interaction and helps maintain a high level of efficiency. I look forward to continuing fruitful cooperation and new opportunities for joint development. Thank you for the dynamic and positive development of the platform!
Nullrun
TOP-1 BugHunter tumar.one 2023
Made Qaznet a little safer
Hello everyone! My name is Stanislav (aka @clevergod), vice-captain of the Codeby team of multiple winners of The Standoff (PHD). I wanted to thank the creators of this site https://bugbounty.kz, as it helped me personally to hand over most of the identified serious and even critical vulnerabilities in the open spaces of Qaznet without contacting or begging for closure from the owners themselves or their administrators, which in turn made Qaznet a little bit safer. Although I didn’t earn a penny of money, I have moral satisfaction from the presence of such a platform, which is very actively developing and gaining momentum and can attract young professionals to legalize the search for vulnerabilities in the treasury and bring obvious benefits to the Motherland!
Stanislav (aka @clevergod)
vice-captain of the Codeby team
Почему мы?
Наша компания пытается создать мост между большими компаниями и IT-сообществом. В совокупности мы получим более выгодный и эффективный механизм по обеспечению высокого уровня безопасности информационных систем и ресурсов.
