Share this:
The bounty hunters of today aren’t roaming the Wild West with a rifle and a pair of handcuffs — rather, they’re denizens of the online world, hunting for bugs. And boy, are they getting paid.
In a recently released report from Twitter, the social media company revealed that over the last two years, bug bounty hunters have been paid over $300,000 in rewards for finding “threats and attacks against [Twitter’s] users and systems.” Because keeping a vast internet company up and running and safe from malicious parties is a collaborative, and sometimes for-hire, effort.
As Twitter admitted Friday, the Silicon Valley firm has another line of defense that works alongside its “dedicated account-, network-, enterprise-, corporate-, and application-security teams.” Thanks to its bug bounty program, Twitter has tapped into a vast network of security researchers who help alert the firm to any vulnerabilities they find so that the company can fix them before others can exploit them.
The program has been a critical component of Twitter’s defenses since May 2014, and the company calls it “an invaluable resource for finding and fixing security vulnerabilities ranging from the mundane to severe.”
Over the last 24 months, Twitter has received 5,171 submissions from 1,662 researchers, and the company has paid a total of $322,420 to researchers. The average payout is a not-so-shabby $835, and the highest payout to date has been an impressive $12,040. Why the odd amounts? Because it’s Twitter, and everything is in a multiple of $140 (yes, that means that its minimum payment is also $140).
Related: Two more Twitter executives make their exit from the company
In fact, so lucrative is Twitter’s bug bounty program that you could practically make a living off of reporting vulnerabilities alone. In 2015, the company says, a single researcher made over $54,000 — that either speaks to the researcher’s prowess … or the multiplicity of Twitter’s security issues.
And if you’re really looking for a big payout, try to find a remote code execution vulnerability — Twitter pays $15,000 a pop for one of those. But they’ve yet to receive such a report.
“We’re thankful to all the security researchers who have worked hard to find and report vulnerabilities in Twitter, and we look forward to continuing our good faith relationship in 2016 and beyond,” the company concludes. And of course, if you want to turn your bug bounty hunting skills into a real job, Twitter also notes that it’s hiring on its security team.
- Bug bounty hunter scores on Facebook and turns in another hacker
- Who’s keeping your data safe? With bug bounties, it’s would-be hackers
- Google will pay you $100K if you can pull off the ultimate Chrome hack
from Planet GS via John Jason Fallows on Inoreader http://ift.tt/1siCoZS
Lulu Chang
More Stories
‘My 401k Misses You’: Black Woman Pumped To Meet Donald Trump In Philadelphia – July 18, 2023 at 04:56PM
Energy Provider Warns of Impending ‘Crisis,’ ‘Blackout Conditions’ Driven By Biden Plans – July 18, 2023 at 04:20PM
Dog starts barking at cows crossing a bridge, so the cows stop to have a look. – July 17, 2023 at 02:27PM