freeCodeCamp/guide/english/security/bug-bounties/index.md

---
title: Bug Bounties
---

## Bug Bounties

Bug bounties are programs that are set up by companies to encourage people to check their products for vulnerabilities.  In return these companies offer rewards for reporting the discovered vulnerabilities.

### Benefits to bounty hunters

The benefits to the bounty hunters are fairly straightforward.  They get paid for what they find and get to improve their skills

### Benefits to companies

The companies that sponsor these programs gain several benefits:

- Many eyes on their product are more likely to find more bugs than the typical QA team
- Only have to pay for results, not for the time spent trying to find bugs
- Encourages people who find vulnerabilties to turn them over to the company and not to the black market.

### Notable companies and organizations that offer bug bounties

- Cisco
- Facebook
- Github
- Google
- Instagram
- Mastercard
- Microsoft
- Paypal
- Twitter
- Uber

A more comprehensive list can be found at the Bugcrowd's Bug Bounty List - https://www.bugcrowd.com/bug-bounty-list/

#### More Information

* One of the most popular Bug Bounties from Facebook: [Facebook Awards Server-Crushing Hacker With Its Biggest Ever Bounty on Forbes](http://fortune.com/2017/01/19/facebook-hacker-bug-bounty/)
* Bug Bounties on Wikipedia: [Bug Bounties (Wiki)](https://en.wikipedia.org/wiki/Bug_bounty_program)
feat(guide): Import guide in to the client app 2018-10-04 14:47:55 +01:00			`---`
			`title: Bug Bounties`
			`---`

			`## Bug Bounties`

Updated to clarify and add list of companies (#24220) * Updated to clarify and add list of companies Changed line 7 to read reward instead of money because not all companies offer monetary rewards. Added a section on notable companies and a link to a site that compiles a more extensive list of companies. * Update index.md 2018-11-26 15:09:04 -05:00			`Bug bounties are programs that are set up by companies to encourage people to check their products for vulnerabilities. In return these companies offer rewards for reporting the discovered vulnerabilities.`
feat(guide): Import guide in to the client app 2018-10-04 14:47:55 +01:00
			`### Benefits to bounty hunters`

			`The benefits to the bounty hunters are fairly straightforward. They get paid for what they find and get to improve their skills`

			`### Benefits to companies`

			`The companies that sponsor these programs gain several benefits:`

			`- Many eyes on their product are more likely to find more bugs than the typical QA team`
			`- Only have to pay for results, not for the time spent trying to find bugs`
			`- Encourages people who find vulnerabilties to turn them over to the company and not to the black market.`
Updated to clarify and add list of companies (#24220) * Updated to clarify and add list of companies Changed line 7 to read reward instead of money because not all companies offer monetary rewards. Added a section on notable companies and a link to a site that compiles a more extensive list of companies. * Update index.md 2018-11-26 15:09:04 -05:00
			`### Notable companies and organizations that offer bug bounties`

			`- Cisco`
			`- Facebook`
			`- Github`
			`- Google`
			`- Instagram`
			`- Mastercard`
			`- Microsoft`
			`- Paypal`
			`- Twitter`
			`- Uber`

			`A more comprehensive list can be found at the Bugcrowd's Bug Bounty List - https://www.bugcrowd.com/bug-bounty-list/`
Added More Info (#26690) Added links to an article on Facebooks ImageMagick Bug Bounty on forbes and to the official Bug Bounty Wikipedia page 2019-01-12 12:39:32 +01:00
			`#### More Information`

			`* One of the most popular Bug Bounties from Facebook: [Facebook Awards Server-Crushing Hacker With Its Biggest Ever Bounty on Forbes](http://fortune.com/2017/01/19/facebook-hacker-bug-bounty/)`
			`* Bug Bounties on Wikipedia: [Bug Bounties (Wiki)](https://en.wikipedia.org/wiki/Bug_bounty_program)`