SOC Prime Threat Bounty Program has been connecting skilled freelance detection engineers for over three years and has undergone many changes and improvements. Today, the Program is a unique opportunity to improve Detection Engineering skills, monetize the created detections, and make a personal portfolio with the leading Detection as Code platform.
SOC Prime Threat Bounty is a program where skilled freelance detection content creators can submit their own detections for publication and receive repeated payouts for these contributions. Although it may all sound simple and quite familiar, let us clarify some highly important moments.
Each application for participation gets validated by SOC Prime admins, and we approve only individuals with a proven security background and expertise. What exactly do we mean by this?
I recommend that content authors register for the Threat Bounty Program exclusively with a personal email address, as outlined in our license terms. Among other factors, it is one to avoid a situation when such Content is considered “created for hire” with the consequence that all copyright rights in the developed Content pass to the employer, including rewards. “Work for Hire” is a doctrine created by the United States Copyright Law that treats your employer or the company that commissioned your work, and not you, as the author and automatic copyright owner of the content you create, including non-commercial rights. And in general, if work was created at the initiative and expense of an employer (or employer), it is more likely to be considered work created for hire. Thus, one way of refuting the claim that the work was for hire is to establish that the creator acts as an independent contractor who provided his or her own tools, worked without daily supervision, and had absolute freedom to decide when and how long to work.
Mariana Melanchyk, Legal Counsel at SOC Prime
So, before approving your application request, we make sure that your participation in Threat Bounty is not in any way a representation of any of your employers. Besides, we clearly state that your participation in the Program does not create any employment relationship between you and SOC Prime or SOC Prime representatives.
Creating detections requires a certain level of expertise and practical knowledge about logging sources and data collection, network traffic, operation systems, SIEM systems and cloud environments, along with the proficiency in SOC analytics and forensics. To ensure that your expectations for monetizing your detection content with Threat Bounty meet our quality standards, all the applications undergo a verification process, as it was mentioned earlier.
With the Threat Bounty Program, skilled detection engineers gain the opportunity to expand their professional background and enrich a personal portfolio with the leading Detection as Code Platform by creating detection rules that are carefully reviewed by SOC Prime experts before publication.
To make your first steps with Threat Bounty more confident, we recommend exploring this SIGMA Rules: Beginner’s Guide as the initial and the most reliable source of information for self-improvement.
SOC Prime Threat Bounty Program provides you with a unique opportunity to earn money with your detections even when you sleep, while your detections are being used by 7,500+ companies globally.
You can only monetize your detection content that you submit with the Threat Bounty Program and which has passed the verification by the SOC Prime Team experts. To increase the chances for your detections to be published for monetization, consider the following recommendations:
The Threat Bounty rating is closely tied to the number of unique meaningful interactions of unique companies who download or deploy the published threat detection rules via the SOC Prime Platform. At SOC Prime, we do not pay any rewards just for the fact of content publication, which is typical for bug bounty programs. Our regular contributors of detection rules via Threat Bounty Program keep monetizing their Sigma rules which were released by them months ago but are still in high demand by SOC Prime clients – find more information in our regular Threat Bounty Digests.
Curating the pioneer Detection as Code platform, we carefully study our clients’ experience with the threat detection capabilities available on the platform, which is reflected in the rating-based approach, and reward content authors accordingly.
The dashboards in the Developer Cabinet demonstrate data on which the rating is based, and the actions of all Threat Bounty members, SOC Prime employees, and any repeated actions by clients are excluded. Normally, the numbers concerning content tractions will be significantly different on SOC Prime’s platform and your personal Developer cabinet.
In addition to monetization, content authors of the Threat Bounty Program receive the following opportunities:
Join Threat Bounty Program to gain a unique opportunity to monetize your Detection Engineering skills and make your own contribution to collaborative cyber defense. Take your professional expertise to the next level and connect to your industry peers to build a safer cyber world together.