Try Now
Get hands on with Cobalt's PtaaS Platform

Capture the Coin

At Cobalt, we’re constantly thinking about how we can take application security to the next level. Today, we’re excited to launch Capture...

At Cobalt, we’re constantly thinking about how we can take application security to the next level. Today, we’re excited to launch Capture the Coin (#CTC), a contest that will allow us to experiment with a bitcoin bounties hidden within the Cobalt platform.

What is Capture the Coin?

Our Capture the Coin contest is a challenge similar to traditional Capture the Flag contests within the security community. Instead of capturing a flag, however, participants can capture bitcoin private keys hidden in parts of our web application that are inaccessible to regular users.

Anyone who finds a key can claim the bitcoin as a reward.

As part of our contest, we have created three bitcoin addresses and deposited rewards of 1.5 BTC, 1.0 BTC and 0.5 BTC respectively.

Experimenting with Bug Bounties

Because of its flexibility as a technology protocol, bitcoin enables us to experiment with monetary rewards in new ways like allowing us to build rewards directly into our website. To detect intrusion, we can set up automatic notifications when we see movements on specific bitcoin addresses, thereby building a monetary layered intrusion detection system.

For security researchers, a few of the advantages of hunting bitcoin private keys are that:

  • testers are rewarded immediately with minimal fees,

  • and testers do not have to wait for a third party to validate a bug report before claiming the reward.

If you are a security researcher who captures the coin, please let us know! We would love to recognize your efforts, and learn how you did it. If you participate in Capture the Coin and find any other vulnerabilities in the Cobalt platform, please submit those through our regular bug bounty program.

Go Capture the Coin!

#CTC

Back to Blog
About Jacob Hansen
Jacob Hansen is Co-founder and Chief Executive Officer at Cobalt. Jacob and his team are on a mission to evolve the traditional pentesting model by engaging the best cybersecurity talent, via Cobalt’s PtaaS platform, and allowing customers to move from a static pentest to platform-driven pentest programs that drive better security and improve ROI. More By Jacob Hansen