DataDome Expands Bot Bounty Program to the Public, Invites Researchers to Rigorously Test its Solution

(US and Canada) DataDome, a leading provider of AI-powered online fraud and bot management, announced it has opened its bot bounty program to the public, in partnership with ethical hacking platform YesWeHack. This initiative incentivizes an extended community of external researchers to rigorously test DataDome's protection, in order to identify any potential vulnerabilities.

In this technical challenge, participants are encouraged to implement a scraping bot to scrape as much content as possible from two dedicated websites without being blocked by DataDome's solution. Rewards range from €200 to €5,000, based on various reporting scenarios.

Initially launched as a private bot bounty program in 2018, the internet's best bot builders have tried their hand at breaking DataDome's bot defenses, with 80,000+ monthly attempts.

"This expanded program is not just a challenge to external researchers; it is a testament to our belief that collaboration and transparency are key components in the ongoing battle against fraudsters," says Gilles Walbrou, Chief Technology Officer at DataDome. "While our solution is challenged every second by fraudsters targeting our customers worldwide, we look forward to the brightest minds adding their own challenges and collectively raising the bar for online protection."

DataDome's award-winning bot and online fraud solution detects and mitigates attacks on mobile apps, websites, and APIs in real time, protecting 300+ enterprises from account takeover, scraping, payment fraud, DDoS, credential stuffing, and more.

"Following the success of DataDome's invite-only program, we're delighted that this fellow cybersecurity leader is ready to further harden its award-winning products with the full power of our crowdsourced security testing," says Guillaume Vassault-Houlière, CEO and co-founder of YesWeHack. "DataDome's public YesWeHack program offers an exciting ethical hacking opportunity that is potentially both financially and – given the unusual nature of the scopes – technically rewarding."

Security researchers and enthusiasts interested in participating in the bot bounty program can find detailed information, guidelines, and submission instructions on YesWeHack's site.

Today's news comes on the heels of several recent announcements, including DataDome ranking #1 in the Winter 2024 G2 Grid® Report for Bot Detection and Mitigation, the release of Device Check, the company's rank to the 2023 Deloitte Technology Fast 500 and inclusion in the 2023 Inc. 5000, its channel partner program expansion, and closing $42M in Series C funding. DataDome has received widespread recognition in the past year for its market-leading detection and mitigation capabilities, including being the only bot detection & mitigation provider to rank on G2's prestigious Best Security Products of 2024 list, Best Use of Machine Learning/AI in the 2023 SC Europe Awards, the 2023 Fortress Cybersecurity Award for Application Security, the 2023 Global Infosec Award for Most Innovative Bot Mitigation, and more.