BUG BOUNTY is a reward (often monetary) offered by organizations to individuals (outside of the organization) who identify a bug / defect (especially those pertaining to security exploits and vulnerabilities) in a software / application.
Many organizations (especially IT companies) offer attractive Bug Bounty programs to the public so as to solicit bug reports from them and drive product improvement.
And, you have a chance to win any of the following:
- MONEY (Ranging from as low as $50 to as high as $1,000,000)
- MATERIAL (Ranging from a cool T-Shirt to a million flyer miles)
- APPRECIATION (Ranging from a simple Thank You note to a fancy Medal)
If you think we’re just kidding about the million dollars, check out Apple’s Maximum Payout for Network attack without user interaction (Zero-click kernel code execution with persistence and kernel PAC bypass) below.
Bug Bounty Programs
For your convenience, we’ve listed some Bug Bounty programs offered by major organizations:
|Organization||Bug Bounty Program||Minimum Payout||Maximum Payout|
|Apple||Apple Security Bounty||$5,000||$1,000,000|
|Microsoft||Microsoft Online Services Bounty Program||$500||$20,000|
|Microsoft||Microsoft Bug Bounty Program||—||$250,000|
|Google Security Reward Programs||$100||$1,000,000|
|Samsung||Samsung Mobile Security Rewards Program||$200||$200,000|
|AT&T||AT&T Bug Bounty Program||$50||$2,000|
|Amazon||Amazon Vulnerability Research Program||$100||$15,000|
|Verizon Media||Verizon Media Bug Bounty Program||$100||$15,000|
|Facebook Bug Bounty||$500||—|
|Intel Corporation||Intel Bug Bounty Program||$500||$100,00|
|The Internet Bug Bounty||The Internet Bug Bounty||$500|
Comprehensive lists of Bug Bounty Programs are available in the sites mentioned below:
- HackerOne: https://hackerone.com/bug-bounty-programs
- Bugcrowd: https://www.bugcrowd.com/bug-bounty-list/
So, what are you waiting for?
Relax, we have you covered: Master the ART & SCIENCE of SOFTWARE TESTING HERE.
Last Updated on September 6, 2020 by STF