GitHub has launched its GitHub Bug Bounty, a program aimed to help security researchers in finding bugs and flaws in system. The company is reportedly willing to pay between $100 and $5,000 for each security vulnerability discovered and responsibly disclosed by hackers.
Only the GitHub API, GitHub Gist, and GitHub.com. GitHub are available for the above mentioned program, but the company says its other Web properties and applications are not part of the program though vulnerabilities found “may receive a cash reward at our discretion.”, as they pointed out.
The amount of money given for bugs and flaws is said to be “based on actual risk and potential impact to our users.” Meaning, the bigger the potential scope and the bigger the severity of the issue, the larger the payout.
“If you find a reflected XSS that is only possible in Opera, which is 60% of our traffic, will earn a much larger reward.” GitHub gave as an example.
Even spotting a very low-level bug is worth disclosing for the extra cash. Not only are you getting paid for your hard work, but you’re making the Web safer in the long-run. Bug bounty programs are becoming more and more popular because they work. The damages caused by exploited bugs are much greater than simply paying security researchers for finding them first.
Thank you TheNextWeb for providing us with this information
Image courtesy of GitHub
Electronic Arts (EA) announced today that its games were played for over 11 billion hours…
Steam's annual end-of-year recap, Steam Replay, provides fascinating insights into gamer habits by comparing individual…
GSC GameWorld released a major title update for STALKER 2 this seeking, bringing the game…
Without any formal announcement, Intel appears to have revealed its new Core 200H series processors…
Ubisoft is not having the best of times, but despite recent flops, the company still…
If you haven’t started playing STALKER 2: Heart of Chornobyl yet, now might be the…