Federacy wants to put bug bounty programs in reach of every startup

Federacy, a member of the Y Combinator Summer 2018 class, has a mission to make bug bounty programs available to even the smallest startup.

Traditionally, bug bounty programs from players like Bugcrowd and HackerOne have been geared toward larger organizations. While these certainly have their place, founders William and James Sulinski, who happen to be twins, felt there was a gap in the marketplace, where smaller organizations were being left out of what they considered to be a crucial service. They wanted to make bug bounty programs and the ability to connect with outside researchers much more accessible, so they built Federacy.

"We think that we can make the biggest impact by making the platform free to set up and incredibly simple for even the most resource-strapped startup to extract value. In doing so, we want to expand bug bounties from probably a few hundred companies currently — across Bugcrowd, HackerOne, etc. — to a million or more in the long run," William Sulinski told TechCrunch.

That's an ambitious long-term goal, but for now, they are just getting started. In fact, the brothers only began building the platform when they arrived at Y Combinator a couple of months ago.
Once they built a working product, they started by testing it on the members of their cohort, using knowledgeable friends as security researchers.

They made the service public for the first time just last week on Hacker News and report more than 120 sign-ups already. Their goal is 1,000 sign-ups by year end, which William claims would make them the largest bug bounty platform by count out there.

For now, they are vetting every researcher they bring on the platform. While they realize this approach probably won't be sustainable forever, they want to control access at least for the early days while they build the platform.
They plan to be especially attentive to the researchers, recognizing the value they bring to the ecosystem.

"It's really important to treat researchers with respect and be attentive. These people are incredibly smart and valuable and are often not treated well. A big thing is just being responsive when they have a report," Sulinski explained.

As for the future, the brothers hope to keep building out the program and developing the platform.
One idea they have is getting a fee should a client build a relationship with a particular researcher and want to contract with that individual. They also plan to take a small percentage of each bounty for revenue.

Unlike more typical YC participants, the brothers are a bit older, in their mid-thirties, with more than 20 years of professional experience under their belts. Brother James was director of engineering at MoPub, a mobile ad platform that Twitter acquired for $350 million in 2013. Earlier he helped build infrastructure for drop.io, a file-sharing site that Facebook acquired in 2010. As for William, he was CEO of AccelGolf and Pistol Lake, and founding member and project lead at Shareaholic.

In spite of their broad experience, the brothers have valued the practical advice Y Combinator has provided for them and found the overall atmosphere inspiring. "It's hard not to be in awe of the incredible things that people have built in this program," William said.