The 25 Tech Bug Bounty Programs With The Biggest Payouts


Email this CRN article

https://i.crn.com/sites/default/files/ckfinderimages/userfiles/images/crn/images/bug_red400.jpg

Reaping The Spoils

Vendors across the cybersecurity and IT landscape have in recent years embraced bug bounty programs, or the compensation of outsiders for uncovering and reporting flaws in their hardware, software or applications.

Fifteen technology vendors selling through the channel operate at least one public bug bounty program, according to CRN research, with Google running four and Microsoft running eight. Eleven of those vendors operate a digital 'hall of fame' to recognize security researchers for their findings, while two suppliers also provide hackers with goodies such as t-shirts for finding a bug.

Seven of the vendors run their own bug bounty program, with six companies managing their programs using Bugcrowd and two companies using HackerOne. Bugcrowd and HackerOne provide organizations with a SaaS platform and access to the security researchers necessary for running a successful bug bounty program.

Here's a look at how much the 25 programs compensate security researchers for their findings.




Email this CRN article