Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
IssueHunt is a bug bounty platform operated by IssueHunt K.K. Its website describes it as Japan’s “No. 1” bug bounty platform. The core model is straightforward: companies launch bug bounty or vulnerability disclosure programs, security researchers test within the defined scope and submit reports, and companies pay rewards after reviewing the findings—typically after triage or remediation.
In terms of protection model, IssueHunt is not a traditional perimeter defense or automated scanning tool. Instead, it relies on crowdsourced security researchers to discover vulnerabilities. The platform supports three types of programs: Public, Application, and Invite Only. Public programs are open to anyone, Application programs require company approval, and Invite Only programs are limited to invited hunters.
The site also notes that program pages can support English, and researchers can send and receive messages in English. This may help Japanese companies attract international researchers. On the management side, companies can define scope, guidelines, and required information on the program page, then review submitted reports. However, there is no visible detail on alerts, dashboards, SLAs, analytics reports, or similar enterprise management features.
The page does not disclose enterprise subscription fees, service fees, commission models, minimum bounty amounts, platform take rates, or contract terms. What is known is that researcher rewards can be paid after triage or after the issue is fixed, with withdrawals available via bank transfer or PayPal. For enterprise procurement, pricing transparency is limited, so further confirmation with sales would be necessary.
The strengths are its clear positioning, focus on Japanese companies, and support for English-language programs and communication. Its flexible program access models allow companies to run open crowdsourced testing or control which researchers can participate.
The drawbacks are the limited amount of public information. Compliance certifications, data handling practices, enterprise system integrations, alerting, and reporting capabilities are not disclosed, making it difficult to assess whether it can meet the security governance and audit requirements of large enterprises.
IssueHunt is best suited to Japanese companies that want to build a bug bounty program targeting Japanese or international researchers, as well as security researchers interested in participating in Japanese company programs. The source text does not provide information about access from mainland China. For payments, only bank transfer and PayPal are explicitly mentioned.
If Chinese companies need a similar service, alternatives to compare include HackerOne, Bugcrowd, YesWeHack, Intigriti, as well as domestic platforms such as 补天 and 漏洞盒子.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on issuehunt.io official site.
issuehunt.io is an Japan Security provider. TG4G tracks its product information, an overall rating of 8.0/10, and a China-accessibility score of China direct-connect friendly. Click "Visit Official Site" to reach issuehunt.io directly.