New Step has been taken by the popular social network, Twitter towards protecting the integrity of its services.The company announced on Wednesday about the launch of new bug bounty program, offering experts by paying them minimum of $140(€108) per Vulnerability. Managed through third-party broker HackerOne the programs offers the awards.
Other sites that are using HackerOne for running bug-bounty programs are 4Chan, Yahoo, CloudFlare, Square, Urban Dictionary, Sucuri, Mail.ru and OkCupid.
The reward is for eligible vulnerabilities in the web-based services, as well as in smartphone apps both android and iOS. There is no maximum limit for this bug bounty program as the reward depends upon how serious the reported issue is about.
For researchers to be eligible for the award is that they must be the first one to report the issue and shouldn’t publish the issue until the reported issue is fixed, says Twiiter.
Qualifying glitches include cross-site scripting (XSS), cross-site request forgery (CSRF), remote code execution (RCE), and unauthorized access to protected tweets and direct messages.
A bug bounty program is a great method for companies to manage the disclosure process for vulnerabilities affecting its services and customers, but obviously we should represent an offering and invest on it to avoid vulnerability.
To view tweets click here