Security News

Katie Moussouris: The Bug Bounty Conflict of Interest
2020-02-12 14:37

Since the launch of the Hack the Pentagon program in 2016, bug bounty programs have continued to increase in popularity. However, as more programs are created, some companies are forgetting the real reason behind bug bounties. Instead of aiming to make their systems more secure, companies are viewing bug bounty programs as a "one size fits all" solution for their business.

Facebook Paid $2.2 Million in Bug Bounty Rewards in 2019
2020-02-10 13:44

Over the course of 2019, Facebook paid security researchers a total of $2.2 million in rewards for vulnerability reports submitted to the social media platform's bug bounty program. For comparison, the social platform paid more than $1.1 million for over 700 valid reports submitted to its bug bounty program in 2018, and more than $880,000 for over 400 valid reports in 2017.

Dropbox Passes $1M Milestone for Bug-Bounty Payouts
2020-02-06 12:00

To mark the occasion, Dropbox also revealed details on a handful of older, resolved bugs for the first time. One issue involved a feature for Dropbox Professional and Business users that allows them to password-protect their shared links via an option in Link Settings.

The Rise of the Open Bug Bounty Project
2020-02-06 08:05

Today, Open Bug Bounty already hosts 680 bug bounties, offering monetary or non-monetary remuneration for security researchers from over 50 countries. Global companies such as Telekom Austria, Acronis, or United Domains run their bug bounties at Open Bug Bounty.

Dropbox Paid Out Over $1 Million Through Bug Bounty Program
2020-02-04 17:52

File hosting company Dropbox says it has awarded researchers over $1 million for vulnerabilities reported through its bug bounty program. Dropbox launched its bug bounty program in 2014 and in April 2015 it announced a program on the HackerOne platform.

Microsoft Offers Rewards of Up to $20,000 in New Xbox Bug Bounty Program
2020-01-31 12:01

Microsoft is offering rewards of up to $20,000 for finding vulnerabilities in its Xbox gaming platform through its latest bug bounty program unveiled this week. The Xbox Bounty Program is open to gamers, security researchers and basically anyone who can help the tech giant identify security vulnerabilities in the Xbox Live network and services and share them with the Xbox team, Chloé Brown, a Microsoft Security Response Center program manager, said in a blog post Thursday.

Microsoft invites gamers and researchers to new Xbox bug bounty program
2020-01-31 11:31

Gamers, security researchers, and technologists have been invited to identify security vulnerabilities in Xbox network and services and report them to Microsoft. Microsoft runs a number of bug bounty programs and has now decided that their Xbox offerings need extra attention from security researchers.

Google Sets Record High in Bug-Bounty Payouts
2020-01-29 19:56

Google paid out $6.5 million in bug-bounty rewards in 2019, which doubles the internet behemoth's previous annual top total. Requested quarry includes apps that violate Google Play, Google API and Google Chrome Web Store Extension privacy policies.

Google Paid Out $6.5 Million Through Bug Bounty Programs in 2019
2020-01-29 12:28

Google claims it paid out over $6.5 million through its bug bounty programs in 2019, which brings the total awarded by the company since the launch of its first program in 2010 to more than $21 million. The total amount paid out in 2019 was nearly double compared to the previous year, and Google says the researchers who took part in its bug bounty programs donated an all-time-high of $500,000 to charity.