Thursday, June 11, 2015

What is Bug Bounty


Bug Bounty


Web application development companies, online software development companies, and big websites like Facebook, Yahoo, Google, Microsoft etc. pay some amount to hackers and cyber security people who help them find and/or fix the cyber security vulnerabilities in their websites, applications etc. Bug bounty programs are especially useful before launching a web application in the market.

The Bug Bounty program was initiated by Jarrett Ridlinghafer, who coined the term "Bug Bounty" while he was working at Netscape as a technical support engineer.

Cyber security researchers are hired by almost all big internet companies to find and fix vulnerabilities. Companies run Bug Bounty programs to patch flaws and security holes, and cyber security people get rewards in the form of money or gifts along with good recognition. Companies publish the cyber security researcher's name on their corporate website under a "Hall of Fame" category and acknowledge their efforts openly. Bug Bounty programs are very helpful in making internet browsing, online shopping etc. more secure.

Nowadays companies are increasing the rewards for identifying and patching vulnerabilities. Cyber security researchers may earn from $500 to $5000 and sometimes even more; it all depends upon the complexity.

Beware - Finding a vulnerability does not mean that you should publish the cyber security issue on any website or post about security holes on various internet forums to get publicity. One must be responsible enough to disclose such findings only to the company's Cyber Security Team.
