2018-10-04 14:47:55 +01:00
---
title: Bug Bounties
---
## Bug Bounties
2019-02-11 19:30:29 -05:00
Bug bounties are programs that are set up by companies to encourage people to check their products for vulnerabilities. In return these companies can offer cash prizes for the discovered vulnerabilities. Many companies have stringent requirements as to which discovered vulnerability would be considered for a cash prize. It's important to understand the limitations and rules for each organization prior to doing any bug hunting.
2018-10-04 14:47:55 +01:00
### Benefits to bounty hunters
The benefits to the bounty hunters are fairly straightforward. They get paid for what they find and get to improve their skills
### Benefits to companies
The companies that sponsor these programs gain several benefits:
- Many eyes on their product are more likely to find more bugs than the typical QA team
- Only have to pay for results, not for the time spent trying to find bugs
- Encourages people who find vulnerabilties to turn them over to the company and not to the black market.
2018-11-26 15:09:04 -05:00
### Notable companies and organizations that offer bug bounties
- Cisco
- Facebook
2019-02-12 09:46:34 +01:00
- GitHub
2018-11-26 15:09:04 -05:00
- Google
- Instagram
- Mastercard
- Microsoft
- Paypal
- Twitter
- Uber
A more comprehensive list can be found at the Bugcrowd's Bug Bounty List - https://www.bugcrowd.com/bug-bounty-list/
2019-01-12 12:39:32 +01:00
#### More Information
2019-01-19 01:14:59 +01:00
* [Facebook Awards Server-Crushing Hacker With Its Biggest Ever Bounty on Forbes ](http://fortune.com/2017/01/19/facebook-hacker-bug-bounty/ )
* [Bug Bounties on Wikipedia ](https://en.wikipedia.org/wiki/Bug_bounty_program )
* [Bugcrowd bug bounty List ](https://www.bugcrowd.com/bug-bounty-list/ )
* [Hackerone list of bug bounty programs ](https://hackerone.com/bug-bounty-programs )
2019-02-12 09:46:34 +01:00
* [github bug bounty ](https://bounty.github.com/ )
