X.1219: Functional requirements for a secured process to evaluate technical vulnerabilities
Crowdsourced vulnerability evaluation is a good way for well-known online systems to find their technical vulnerabilities, but many problems and challenges remain, such as a shell script uploaded by members of a security team not being deleted after the evaluation, resulting in a backdoor in the system. This Recommendation recommends functional requirements for a secured process to evaluate technical vulnerabilities. The functional requirements, together with their corresponding mechanisms, are mainly intended to address the lack of trust in the crowdsourcing approach. It is meaningful to ensure that vulnerability evaluations carried out by security teams are reliable, auditable, traceable, and controllable.