Google Paid Out $9 Million in Bug Bounties Since 2010

Google has awarded researchers more than $9 million since the launch of its bug bounty program in 2010, including over $3 million paid out last year. According to the company, more than 1,000 payments were made last year to roughly 350 researchers from 59 countries. The biggest single reward was $100,000 and over $130,000 were…

Facebook Awards $40,000 Bounty for ImageTragick Hack

A researcher claims to have received a $40,000 bounty from Facebook for finding a remote code execution vulnerability introduced by the ImageMagick image processing suite. The ImageMagick flaw, tracked as CVE-2016-3714 and dubbed “ImageTragick,” was disclosed in May 2016. The security hole had already been exploited in the wild and security firms soon started…

7 steps to start a bug bounty program

Vulnerability assessment and identification strategies have evolved to include the concept of crowdsourced security testing through bug bounty programs. While bug bounty programs have been used for over 20 years, widespread adoption by enterprise organizations has just begun to take off within the last few. The bug bounty path, paved by tech giants, is…