SlideShare uma empresa Scribd logo

Top 20 Public Bug Bounty Programs

HackerOne
HackerOne

The document lists the top 20 public bug bounty programs on the HackerOne platform based on total bounties paid out. Verizon Media ranked #1 having paid out over $4 million total in bounties. Other top programs included Uber, PayPal, Shopify, Twitter, Intel, Airbnb, Ubiquiti Networks, Valve, GitLab, GitHub, Slack, Starbucks, Mail.ru, Grab, Coinbase, Snapchat, HackerOne, DropBox, and VK. The document provides details on total bounties paid, response times, number of hackers thanked, largest bounty amounts, and number of reports resolved for each program.

Tecnologia
1 de 23
Baixar para ler offline
Top 20 Public Bug Bounty Programs The biggest, fastest, and most lucrative bounty programs on the HackerOne platform.
The Top 20 Public Bug Bounty Programs! Welcome to HackerOne’s 2019 list of the top bug bounty programs on the HackerOne platform. The list was curated using public details available in the HackerOne directory of programs, with rankings based on the total amount of each organization’s cumulative bounties awarded to hackers over the life of their program*. It also includes accolades for those programs who placed in the top 5 for fastest response time, fastest time to bounties paid, most hackers thanked, most vulnerability reports resolved, and more. Hackers are attracted to programs that are responsive, pay well, and pay quickly. So the most popular programs are also, unsurprisingly, the ones listed here. Now, on to the list! *Note: Bounty figures do not necessarily include bounties from Live Hacking Events, Private programs, or other engagements.
Verizon Media Creating what’s next in content, advertising and technology. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$4,000,000 Average First Response 9 HOURS Thanked 1,124 Top Bounty $6,000 Average Time to Bounty 24 DAYS Reports Resolved 5,269 Program launched February 2014 ACCOLADES #1 in All-Time Bounties Paid #1 Most Hackers Thanked #1 Most Reports Resolved Top 5 Largest Top Bounty 5 Year Club
Uber We ignite opportunity by setting the world in motion. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,795,000 Average First Response 8 HOURS Thanked 635 Top Bounty $15,000 Average Time to Bounty 2 MONTHS Reports Resolved 1,172 Program launched March 2016 ACCOLADES Top 5 Most Hackers Thanked Top 5 Most Reports Resolved Top 5 Fastest Response Time
PayPal Send money, pay online. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,170,000 Average First Response 5 HOURS Thanked 212 Top Bounty $30,000 Average Time to Bounty 17 DAYS Reports Resolved 430 Program launched September 2018 ACCOLADES #1 Largest Top Bounty Top 5 Fastest Response Time
Shopify Build your business. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,100,000 Average First Response 8 HOURS Thanked 427 Top Bounty $25,000 Average Time to Bounty 2 DAYS Reports Resolved 996 Program launched April 2015 ACCOLADES #1 Fastest Time to Bounty Top 5 Most Reports Resolved Top 5 Largest Top Bounty
Twitter See what’s happening. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,100,000 Average First Response 1 DAY Thanked 695 Top Bounty $15,120 Average Time to Bounty 12 DAYS Reports Resolved 995 Program launched May 2014 ACCOLADES Top 5 Most Hackers Thanked Top 5 Most Reports Resolved 5 Year Club
Intel Making possible the most amazing experiences of the future. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$800,000 Average First Response -- Thanked 69 Top Bounty -- Average Time to Bounty -- Reports Resolved -- Program launched February 2018
Airbnb Book unique homes and experiences. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$600,000 Average First Response 3 HOURS Thanked 257 Top Bounty $15,000 Average Time to Bounty 5 DAYS Reports Resolved 508 Program launched February 2015 ACCOLADES Top 5 Fastest Response Time Top 5 Fastest Time to Bounty
Ubiquiti Networks Democratizing professional network technology. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$600,000 Average First Response -- Thanked 511 Top Bounty -- Average Time to Bounty -- Reports Resolved 765 Program launched March 2015
Valve We make games, Steam, and hardware. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$570,000 Average First Response 17 HOURS Thanked 237 Top Bounty $20,000 Average Time to Bounty 30 DAYS Reports Resolved 470 Program launched May 2018 ACCOLADES Top 5 Largest Top Bounty
GitLab A single application for the entire software development lifecycle. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$570,000 Average First Response 3 HOURS Thanked 162 Top Bounty $12,000 Average Time to Bounty 3 MONTHS Reports Resolved 318 Program launched February 2016 ACCOLADES Top 5 Fastest Response Time
GitHub A development platform inspired by the way you work. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$520,000 Average First Response 17 HOURS Thanked 225 Top Bounty $20,000 Average Time to Bounty 7 DAYS Reports Resolved 348 Program launched April 2016 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
Slack Imagine what you’ll accomplish together. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$420,000 Average First Response -- Thanked 420 Top Bounty $10,000 Average Time to Bounty -- Reports Resolved 838 Program launched February 2014 ACCOLADES 5 Year Club
Starbucks The best coffee and espresso drinks. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 1 HOUR Thanked 560 Top Bounty $8,000 Average Time to Bounty 8 DAYS Reports Resolved 628 Program launched November 2016 ACCOLADES #1 Fastest Response Time Top 5 Most Hackers Thanked
Mail.ru Making technologies simple and accessible. Top 5 Fastest Response Time Top 5 Most Hackers Thanked Top 5 Fastest Time to Bounty Top 5 Most Reports Resolved 5 Year Club ACCOLADES Program launched April 2014 BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 5 HOURS Thanked 581 Top Bounty $10,000 Average Time to Bounty 7 DAYS Reports Resolved 2284
Grab Rides for everyone. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 14 HOURS Thanked 200 Top Bounty $10,000 Average Time to Bounty 5 DAYS Reports Resolved 328 Program launched July 2014 ACCOLADES Top 5 Fastest Time to Bounty
Coinbase Buy and sell cryptocurrency. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response -- Thanked 298 Top Bounty $20,000 Average Time to Bounty -- Reports Resolved 411 Program launched March 2014 ACCOLADES Top 5 Largest Top Bounty 5 Year Club
Snapchat The fastest way to share a moment. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$295,000 Average First Response 1 DAY Thanked 229 Top Bounty $25,000 Average Time to Bounty 7 DAYS Reports Resolved 289 Program launched April 2015 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
HackerOne Who? Us? Program launched November 2013 BOUNTIES RESPONSE HACKERS All-Time Total Paid TOP 25 Average First Response 7 DAYS Thanked 317 Top Bounty $20,000 Average Time to Triage 20 HOURS Reports Resolved 341 Average Bounty $500 Average Time to Bounty 11 DAYS Top Bounties Paid >$280,000
DropBox Put your creative energy to work. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$275,000 Average First Response 19 HOURS Thanked 195 Top Bounty $23,058 Average Time to Bounty 7 DAYS Reports Resolved 261 Program launched January 2015 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
VK The largest European social network. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$265,000 Average First Response -- Thanked 379 Top Bounty -- Average Time to Bounty -- Reports Resolved 630 Program launched May 2015
Improve your security today, with help from HackerOne HackerOne not only gives you access to community of 400,000 white hat hackers, we give you the platform, support, and expertise to make your security program one of the best in the world. These Top 20 programs are just a fraction of the more than 1,400 customers we work with everyday and who we’ve helped resolve over 120,000 vulnerability reports. When you put it all together, it’s no wonder we’re the #1 bug bounty platform in the world. To learn how we can help you, visit hackerone.com.

Recomendados

9 Top Bug Bounty Programs
9 Top Bug Bounty Programs9 Top Bug Bounty Programs
9 Top Bug Bounty Programs
HackerOne
 
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
HackerOne
 
Meet the hackers powering the world's best bug bounty programs
Meet the hackers powering the world's best bug bounty programsMeet the hackers powering the world's best bug bounty programs
Meet the hackers powering the world's best bug bounty programs
HackerOne
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty Basics
HackerOne
 
Enhanced threat intelligene for s ps v3
Enhanced threat intelligene for s ps v3Enhanced threat intelligene for s ps v3
Enhanced threat intelligene for s ps v3
Neil King
 
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
HackerOne
 
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Mazin Ahmed
 
5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program
bugcrowd
 

Recomendados

9 Top Bug Bounty Programs
9 Top Bug Bounty Programs9 Top Bug Bounty Programs
9 Top Bug Bounty Programs
HackerOne
 
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
The 2018 Hacker Report: Insights on the hacker mindset, who they are, and the...
HackerOne
 
Meet the hackers powering the world's best bug bounty programs
Meet the hackers powering the world's best bug bounty programsMeet the hackers powering the world's best bug bounty programs
Meet the hackers powering the world's best bug bounty programs
HackerOne
 
Bug Bounty Basics
Bug Bounty BasicsBug Bounty Basics
Bug Bounty Basics
HackerOne
 
Enhanced threat intelligene for s ps v3
Enhanced threat intelligene for s ps v3Enhanced threat intelligene for s ps v3
Enhanced threat intelligene for s ps v3
Neil King
 
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
Bounty Craft: Bug bounty reports how do they work, @sushihack presents at Nu...
HackerOne
 
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Bug Bounty Hunting for Companies & Researchers: Bounty Hunting in Sudan and A...
Mazin Ahmed
 
5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program5 Tips to Successfully Running a Bug Bounty Program
5 Tips to Successfully Running a Bug Bounty Program
bugcrowd
 
AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'
bugcrowd
 
Bug Bounty Tipping Point: Strength in Numbers
Bug Bounty Tipping Point: Strength in NumbersBug Bounty Tipping Point: Strength in Numbers
Bug Bounty Tipping Point: Strength in Numbers
bugcrowd
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
Cyren, Inc
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
Cyren, Inc
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Cyren, Inc
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
CrowdStrike
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016
NowSecure
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
Adam Barrera
 
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
CrowdStrike
 
Vulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionVulnerability Prioritization and Prediction
Vulnerability Prioritization and Prediction
Jonathan Cran
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
Splunk
 
Threat hunting workshop
Threat hunting workshopThreat hunting workshop
Threat hunting workshop
Megan Shippy
 
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
Abhinav Mishra
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
Splunk
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 
Crowdfunding for Impact, July 2016
Crowdfunding for Impact, July 2016Crowdfunding for Impact, July 2016
Crowdfunding for Impact, July 2016
Kathleen Holmlund
 
Getting Social With Google Ad Grants
Getting Social With Google Ad GrantsGetting Social With Google Ad Grants
Getting Social With Google Ad Grants
Media Cause
 

Mais conteúdo relacionado

Mais procurados

AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'
bugcrowd
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
CrowdStrike
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
Adam Barrera
 
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
CrowdStrike
 
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
Splunk
 

Mais procurados (20)

AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'AppSecUSA 2016: 'Your License for Bug Hunting Season'
AppSecUSA 2016: 'Your License for Bug Hunting Season'
 
Bug Bounty Tipping Point: Strength in Numbers
Bug Bounty Tipping Point: Strength in NumbersBug Bounty Tipping Point: Strength in Numbers
Bug Bounty Tipping Point: Strength in Numbers
 
Webinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array worksWebinar: Stopping evasive malware - how a cloud sandbox array works
Webinar: Stopping evasive malware - how a cloud sandbox array works
 
Webinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat reportWebinar: Insights from Cyren's 2016 cyberthreat report
Webinar: Insights from Cyren's 2016 cyberthreat report
 
Webinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxingWebinar: Why evasive zero day attacks are killing traditional sandboxing
Webinar: Why evasive zero day attacks are killing traditional sandboxing
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
 
CrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing IntelligenceCrowdCast Monthly: Operationalizing Intelligence
CrowdCast Monthly: Operationalizing Intelligence
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016It's not about you: Mobile security in 2016
It's not about you: Mobile security in 2016
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
How to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrikeHow to Replace Your Legacy Antivirus Solution with CrowdStrike
How to Replace Your Legacy Antivirus Solution with CrowdStrike
 
Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns Cyber Security Extortion: Defending Against Digital Shakedowns
Cyber Security Extortion: Defending Against Digital Shakedowns
 
Vulnerability Prioritization and Prediction
Vulnerability Prioritization and PredictionVulnerability Prioritization and Prediction
Vulnerability Prioritization and Prediction
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
 
Threat hunting workshop
Threat hunting workshopThreat hunting workshop
Threat hunting workshop
 
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
CrowdStrike CrowdCast: Is Ransomware Morphing Beyond The Ability Of Standard ...
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 
Threat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-onThreat Hunting with Splunk Hands-on
Threat Hunting with Splunk Hands-on
 
Threat Hunting with Splunk
Threat Hunting with SplunkThreat Hunting with Splunk
Threat Hunting with Splunk
 

Semelhante a Top 20 Public Bug Bounty Programs

Facebook: Proving the True Value of your Social Media Efforts
Facebook: Proving the True Value of your Social Media EffortsFacebook: Proving the True Value of your Social Media Efforts
Facebook: Proving the True Value of your Social Media Efforts
Finn McAleer
 
How to operationalize social media tfm&a 2011
How to operationalize social media tfm&a 2011How to operationalize social media tfm&a 2011
How to operationalize social media tfm&a 2011
Bob Barker
 
Making Money With Social Media Jay Berkowitz
Making Money With Social Media Jay BerkowitzMaking Money With Social Media Jay Berkowitz
Making Money With Social Media Jay Berkowitz
Jay Berkowitz www.TenGoldenRules.com
 

Semelhante a Top 20 Public Bug Bounty Programs (20)

Crowdfunding for Impact, July 2016
Crowdfunding for Impact, July 2016Crowdfunding for Impact, July 2016
Crowdfunding for Impact, July 2016
 
Getting Social With Google Ad Grants
Getting Social With Google Ad GrantsGetting Social With Google Ad Grants
Getting Social With Google Ad Grants
 
Marketo@Marketo: Our Simplified Marketing Analytics
Marketo@Marketo: Our Simplified Marketing AnalyticsMarketo@Marketo: Our Simplified Marketing Analytics
Marketo@Marketo: Our Simplified Marketing Analytics
 
The Ten Hottest Strategies for Internet Marketing
The Ten Hottest Strategies for Internet MarketingThe Ten Hottest Strategies for Internet Marketing
The Ten Hottest Strategies for Internet Marketing
 
The Marketer's Blind Spot
The Marketer's Blind SpotThe Marketer's Blind Spot
The Marketer's Blind Spot
 
ProductCamp Seattle 2014 Presentation: Anil Batra
ProductCamp Seattle 2014 Presentation: Anil BatraProductCamp Seattle 2014 Presentation: Anil Batra
ProductCamp Seattle 2014 Presentation: Anil Batra
 
Nonprofit Insights: How to Socialize Your Volunteer Recruitment with Google A...
Nonprofit Insights: How to Socialize Your Volunteer Recruitment with Google A...Nonprofit Insights: How to Socialize Your Volunteer Recruitment with Google A...
Nonprofit Insights: How to Socialize Your Volunteer Recruitment with Google A...
 
Introduction to Zuberance
Introduction to ZuberanceIntroduction to Zuberance
Introduction to Zuberance
 
[CauseVox] Mastering P2P for Small Nonprofits - OPT.pdf
[CauseVox] Mastering P2P for Small Nonprofits - OPT.pdf[CauseVox] Mastering P2P for Small Nonprofits - OPT.pdf
[CauseVox] Mastering P2P for Small Nonprofits - OPT.pdf
 
Facebook: Proving the True Value of your Social Media Efforts
Facebook: Proving the True Value of your Social Media EffortsFacebook: Proving the True Value of your Social Media Efforts
Facebook: Proving the True Value of your Social Media Efforts
 
How to operationalize social media tfm&a 2011
How to operationalize social media tfm&a 2011How to operationalize social media tfm&a 2011
How to operationalize social media tfm&a 2011
 
Google Ad Grants: Become A Pro In 1 Hour
Google Ad Grants: Become A Pro In 1 HourGoogle Ad Grants: Become A Pro In 1 Hour
Google Ad Grants: Become A Pro In 1 Hour
 
Google Ad Grants Beginner to Pro in 60 minutes
Google Ad Grants Beginner to Pro in 60 minutesGoogle Ad Grants Beginner to Pro in 60 minutes
Google Ad Grants Beginner to Pro in 60 minutes
 
Making Money With Social Media Jay Berkowitz
Making Money With Social Media Jay BerkowitzMaking Money With Social Media Jay Berkowitz
Making Money With Social Media Jay Berkowitz
 
How to Operationalize Social Media TFMA 2011
How to Operationalize Social Media TFMA 2011How to Operationalize Social Media TFMA 2011
How to Operationalize Social Media TFMA 2011
 
Crowdfunding 101
Crowdfunding 101Crowdfunding 101
Crowdfunding 101
 
Genie
GenieGenie
Genie
 
Making Social Media Make Money: Ten Strategies
Making Social Media Make Money: Ten StrategiesMaking Social Media Make Money: Ten Strategies
Making Social Media Make Money: Ten Strategies
 
LeanVC : Dave McClure opens TEC SF Chapter
LeanVC : Dave McClure opens TEC SF ChapterLeanVC : Dave McClure opens TEC SF Chapter
LeanVC : Dave McClure opens TEC SF Chapter
 
Making your API a 1st Class Citizen at JustGiving (ie dogfooding your API)
Making your API a 1st Class Citizen at JustGiving (ie dogfooding your API)Making your API a 1st Class Citizen at JustGiving (ie dogfooding your API)
Making your API a 1st Class Citizen at JustGiving (ie dogfooding your API)
 

Mais de HackerOne

118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
HackerOne
 
Federal Trade Commission's Start With Security Guide
Federal Trade Commission's Start With Security GuideFederal Trade Commission's Start With Security Guide
Federal Trade Commission's Start With Security Guide
HackerOne
 
Understanding Information Security Assessment Types
Understanding Information Security Assessment TypesUnderstanding Information Security Assessment Types
Understanding Information Security Assessment Types
HackerOne
 
OWASP Top 10 - 2017
OWASP Top 10 - 2017OWASP Top 10 - 2017
OWASP Top 10 - 2017
HackerOne
 
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
HackerOne
 

Mais de HackerOne (13)

118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
118 Hacker-Powered Facts From The 2018 Hacker-Powered Security Report
 
Federal Trade Commission's Start With Security Guide
Federal Trade Commission's Start With Security GuideFederal Trade Commission's Start With Security Guide
Federal Trade Commission's Start With Security Guide
 
Understanding Information Security Assessment Types
Understanding Information Security Assessment TypesUnderstanding Information Security Assessment Types
Understanding Information Security Assessment Types
 
Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role Everything you Need to Know about The Data Protection Officer Role
Everything you Need to Know about The Data Protection Officer Role
 
OWASP Top 10 - 2017
OWASP Top 10 - 2017OWASP Top 10 - 2017
OWASP Top 10 - 2017
 
Voices of Vulnerability Disclosure Policy
Voices of Vulnerability Disclosure PolicyVoices of Vulnerability Disclosure Policy
Voices of Vulnerability Disclosure Policy
 
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take NowGDPR Guide: The ICO's 12 Recommended Steps To Take Now
GDPR Guide: The ICO's 12 Recommended Steps To Take Now
 
Why Executives Underinvest In Cybersecurity
Why Executives Underinvest In CybersecurityWhy Executives Underinvest In Cybersecurity
Why Executives Underinvest In Cybersecurity
 
Bug Bounties and The Path to Secure Software by 451 Research
Bug Bounties and The Path to Secure Software by 451 ResearchBug Bounties and The Path to Secure Software by 451 Research
Bug Bounties and The Path to Secure Software by 451 Research
 
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
An Invitation to Hack: Wiley Rein and HackerOne Webinar on Vulnerability Disc...
 
How GitLab and HackerOne help organizations innovate faster without compromis...
How GitLab and HackerOne help organizations innovate faster without compromis...How GitLab and HackerOne help organizations innovate faster without compromis...
How GitLab and HackerOne help organizations innovate faster without compromis...
 
HackerOne Presents in China - COO Ning Wang
HackerOne Presents in China - COO Ning WangHackerOne Presents in China - COO Ning Wang
HackerOne Presents in China - COO Ning Wang
 
Tapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered SecurityTapping Hackers for Continuous Security: That's Hacker-Powered Security
Tapping Hackers for Continuous Security: That's Hacker-Powered Security
 

Último

Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Orbitshub
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
Overkill Security
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 

Último (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
 

Top 20 Public Bug Bounty Programs

  • 1. Top 20 Public Bug Bounty Programs The biggest, fastest, and most lucrative bounty programs on the HackerOne platform.
  • 2. The Top 20 Public Bug Bounty Programs! Welcome to HackerOne’s 2019 list of the top bug bounty programs on the HackerOne platform. The list was curated using public details available in the HackerOne directory of programs, with rankings based on the total amount of each organization’s cumulative bounties awarded to hackers over the life of their program*. It also includes accolades for those programs who placed in the top 5 for fastest response time, fastest time to bounties paid, most hackers thanked, most vulnerability reports resolved, and more. Hackers are attracted to programs that are responsive, pay well, and pay quickly. So the most popular programs are also, unsurprisingly, the ones listed here. Now, on to the list! *Note: Bounty figures do not necessarily include bounties from Live Hacking Events, Private programs, or other engagements.
  • 3. Verizon Media Creating what’s next in content, advertising and technology. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$4,000,000 Average First Response 9 HOURS Thanked 1,124 Top Bounty $6,000 Average Time to Bounty 24 DAYS Reports Resolved 5,269 Program launched February 2014 ACCOLADES #1 in All-Time Bounties Paid #1 Most Hackers Thanked #1 Most Reports Resolved Top 5 Largest Top Bounty 5 Year Club
  • 4. Uber We ignite opportunity by setting the world in motion. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,795,000 Average First Response 8 HOURS Thanked 635 Top Bounty $15,000 Average Time to Bounty 2 MONTHS Reports Resolved 1,172 Program launched March 2016 ACCOLADES Top 5 Most Hackers Thanked Top 5 Most Reports Resolved Top 5 Fastest Response Time
  • 5. PayPal Send money, pay online. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,170,000 Average First Response 5 HOURS Thanked 212 Top Bounty $30,000 Average Time to Bounty 17 DAYS Reports Resolved 430 Program launched September 2018 ACCOLADES #1 Largest Top Bounty Top 5 Fastest Response Time
  • 6. Shopify Build your business. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,100,000 Average First Response 8 HOURS Thanked 427 Top Bounty $25,000 Average Time to Bounty 2 DAYS Reports Resolved 996 Program launched April 2015 ACCOLADES #1 Fastest Time to Bounty Top 5 Most Reports Resolved Top 5 Largest Top Bounty
  • 7. Twitter See what’s happening. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$1,100,000 Average First Response 1 DAY Thanked 695 Top Bounty $15,120 Average Time to Bounty 12 DAYS Reports Resolved 995 Program launched May 2014 ACCOLADES Top 5 Most Hackers Thanked Top 5 Most Reports Resolved 5 Year Club
  • 8. Intel Making possible the most amazing experiences of the future. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$800,000 Average First Response -- Thanked 69 Top Bounty -- Average Time to Bounty -- Reports Resolved -- Program launched February 2018
  • 9. Airbnb Book unique homes and experiences. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$600,000 Average First Response 3 HOURS Thanked 257 Top Bounty $15,000 Average Time to Bounty 5 DAYS Reports Resolved 508 Program launched February 2015 ACCOLADES Top 5 Fastest Response Time Top 5 Fastest Time to Bounty
  • 10. Ubiquiti Networks Democratizing professional network technology. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$600,000 Average First Response -- Thanked 511 Top Bounty -- Average Time to Bounty -- Reports Resolved 765 Program launched March 2015
  • 11. Valve We make games, Steam, and hardware. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$570,000 Average First Response 17 HOURS Thanked 237 Top Bounty $20,000 Average Time to Bounty 30 DAYS Reports Resolved 470 Program launched May 2018 ACCOLADES Top 5 Largest Top Bounty
  • 12. GitLab A single application for the entire software development lifecycle. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$570,000 Average First Response 3 HOURS Thanked 162 Top Bounty $12,000 Average Time to Bounty 3 MONTHS Reports Resolved 318 Program launched February 2016 ACCOLADES Top 5 Fastest Response Time
  • 13. GitHub A development platform inspired by the way you work. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$520,000 Average First Response 17 HOURS Thanked 225 Top Bounty $20,000 Average Time to Bounty 7 DAYS Reports Resolved 348 Program launched April 2016 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
  • 14. Slack Imagine what you’ll accomplish together. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$420,000 Average First Response -- Thanked 420 Top Bounty $10,000 Average Time to Bounty -- Reports Resolved 838 Program launched February 2014 ACCOLADES 5 Year Club
  • 15. Starbucks The best coffee and espresso drinks. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 1 HOUR Thanked 560 Top Bounty $8,000 Average Time to Bounty 8 DAYS Reports Resolved 628 Program launched November 2016 ACCOLADES #1 Fastest Response Time Top 5 Most Hackers Thanked
  • 16. Mail.ru Making technologies simple and accessible. Top 5 Fastest Response Time Top 5 Most Hackers Thanked Top 5 Fastest Time to Bounty Top 5 Most Reports Resolved 5 Year Club ACCOLADES Program launched April 2014 BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 5 HOURS Thanked 581 Top Bounty $10,000 Average Time to Bounty 7 DAYS Reports Resolved 2284
  • 17. Grab Rides for everyone. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response 14 HOURS Thanked 200 Top Bounty $10,000 Average Time to Bounty 5 DAYS Reports Resolved 328 Program launched July 2014 ACCOLADES Top 5 Fastest Time to Bounty
  • 18. Coinbase Buy and sell cryptocurrency. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$300,000 Average First Response -- Thanked 298 Top Bounty $20,000 Average Time to Bounty -- Reports Resolved 411 Program launched March 2014 ACCOLADES Top 5 Largest Top Bounty 5 Year Club
  • 19. Snapchat The fastest way to share a moment. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$295,000 Average First Response 1 DAY Thanked 229 Top Bounty $25,000 Average Time to Bounty 7 DAYS Reports Resolved 289 Program launched April 2015 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
  • 20. HackerOne Who? Us? Program launched November 2013 BOUNTIES RESPONSE HACKERS All-Time Total Paid TOP 25 Average First Response 7 DAYS Thanked 317 Top Bounty $20,000 Average Time to Triage 20 HOURS Reports Resolved 341 Average Bounty $500 Average Time to Bounty 11 DAYS Top Bounties Paid >$280,000
  • 21. DropBox Put your creative energy to work. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$275,000 Average First Response 19 HOURS Thanked 195 Top Bounty $23,058 Average Time to Bounty 7 DAYS Reports Resolved 261 Program launched January 2015 ACCOLADES Top 5 Largest Top Bounty Top 5 Fastest Time to Bounty
  • 22. VK The largest European social network. BOUNTY RANKINGS RESPONSE HACKERS Total Bounties Paid >$265,000 Average First Response -- Thanked 379 Top Bounty -- Average Time to Bounty -- Reports Resolved 630 Program launched May 2015
  • 23. Improve your security today, with help from HackerOne HackerOne not only gives you access to community of 400,000 white hat hackers, we give you the platform, support, and expertise to make your security program one of the best in the world. These Top 20 programs are just a fraction of the more than 1,400 customers we work with everyday and who we’ve helped resolve over 120,000 vulnerability reports. When you put it all together, it’s no wonder we’re the #1 bug bounty platform in the world. To learn how we can help you, visit hackerone.com.