This is great news for the Bug Hunter and Security researcher that, now they can earn more by there bug reporting. On the List of the Bug Bounty Reward Firm one more name has been added after Google, Microsoft and Facebook
Yesterday, finally Yahoo announced the bug bounty program for the researcher. As per the news of two days back, where Yahoo reward just $12.5 USD for the vulnerability report to yahoo, now the reward has been increase upto $15,000 USD.
The reward starts from the $500 USD to $15,000 USD depending upon the level of risk carried by the Vulnerability.
Director of Yahoo Paranoids, "Ramses Martinez" have announced bounty reward on his post, stating the criteria of the bug and its bounty.
Yahoo vulnerability reporting policies address five areas which are as follows:-
1) Reporting - Yahoo improving the reporting process for bugs and vulnerabilities to allow us to react even quicker and more effectively.
3) Issue Remediation:- It’s important to note that the vulnerability in question in recent press stories had already been resolved by Yahoo’s security team by the time these stories were written. But with a more clear process, we hope to be even faster here, as well.
4) Recognition:- Submitted issues are validated by our team. Upon validation we will contact the reporting individual or organization directly. People will be contacted by Yahoo in no more than fourteen days after submission (but typically much faster). Yahoo is often useful to an individual’s career or a firm’s reputation, we will issue a formal recognition of your help either in an email or written letter, as appropriate. For the best reported issues, we will directly call out from our site an individual’s contribution in a “hall of fame.”
Yesterday, finally Yahoo announced the bug bounty program for the researcher. As per the news of two days back, where Yahoo reward just $12.5 USD for the vulnerability report to yahoo, now the reward has been increase upto $15,000 USD.
The reward starts from the $500 USD to $15,000 USD depending upon the level of risk carried by the Vulnerability.
Director of Yahoo Paranoids, "Ramses Martinez" have announced bounty reward on his post, stating the criteria of the bug and its bounty.
Yahoo vulnerability reporting policies address five areas which are as follows:-
2) Issue validation:- Yahoo’s security team currently reviews all submissions from the community
within minutes or at most a few hours. We do this 365 days a year, 24 hours a day.
within minutes or at most a few hours. We do this 365 days a year, 24 hours a day.
5) Reward:- As yahoo provides a T-Shirt for the appreciation of the researcher, now Yahoo reward researcher by bounty reward between $150 - $15,000, depending upon the level of risk carried by the Vulnerability.
Hope this will appreciate researcher and motivate them to do more White Hat / Ethical works.