(ISC)²

Since 2013, (ISC)² has been both a customer and a partner of Bugcrowd, running a public bug bounty program and offering CPE credits to those maintaining their CISSP certification. 

 

The (ISC)² Bounty Program:

 

(ISC)² has run a public bounty offering Kudos points and potential CPE credits for nearly two years. Read their full bounty program brief here.

Earn CPE Credits for Bug Hunting:

(ISC)² certifications are amongst the most widely recognized in the information security industry. There are over 100,000 CISSPs worldwide and many organizations consider the CISSP a “must-have” in their information security candidates.

To maintain their certification (ISC)² members need to engage in eligible “continuing professional experience” activities, which now including bug bounty participation.

Here’s how it works:

  • Sign up to join the Bugcrowd security researchers.
  • Find a bug in one of our bounties and submit it to us.
  • If you hold a CISSP, CSSLP, SSCP or CSSLP holder enter your (ISC)² member number and the approximate time spent finding the bug in the bug submission form.
  • The time spent on any submission which is valid and doesn’t result in a payment (i.e. any charity bounty, and non-first valid findings in a paid bounty) is a valid CPE activity.
  • If your submission is valid then, at the end of each month, we’ll submit your contribution for that month to the (ISC)².