Security 30.05.2016
R234,000 for a Twitter remote code execution vulnerability
Twitter said it has paid out $322,420 (R5 million) to researchers who have reported bugs to the company over the last two years.
Twitter said its engagement with the infosec community through its bug bounty programme is a key component of strengthening the service’s security.
“In the two years since launch, we’ve received 5,171 submissions to our programme from 1,662 researchers,” said Twitter.
“We also offer a minimum of $15,000 for remote code execution vulnerabilities, but we have yet to receive such a report.”
Here is a summary of Twitter’s bug bounty programme for the past two years.
- 20% of resolved bugs have been publicly disclosed.
- It has paid $322,420 to researchers.
- The average payout is $835.
- The lowest payout was $140, and the highest payout was $12,040.
- In 2015, a single researcher made over $54,000 from reporting vulnerabilities.