In 2019, the State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs) since then. COVID-19 has changed the digital security landscape, as well. With that in mind, it’s time for an updated list.Here are 10 essential bug bounty programs for 2020.10. AppleWebsite: https://developer.apple.com/security-bounty/Minimum Payout: $5,000Maximum Payout: $1 millionFirst announced at Black Hat USA 2016, Apple’s bug bounty program originally welcomed just two dozen security researchers who had previously reported vulnerabilities they had found in the tech giant’s software. The tech firm later opened its bug bounty program to all security researchers, as reported by The Verge in December 2019.Apple will pay $25,000 for flaws that could allow an actor to gain unauthorized access to a user’s iCloud account. Meanwhile, it will hand over $100,000 to those who can partially extract data from a locked device after first unlock. The highest bounty comes in at $1 million for a zero-click remote chain with full kernel execution and persistence.9. FacebookWebsite: https://www.facebook.com/whitehatMinimum Payout: $500Maximum Payout: No predetermined amountThose wishing to qualify for a reward in Facebook’s bug bounty program can report a security issue in Facebook, Atlas, Instagram, WhatsApp and a few other qualifying products and acquisitions. There are a few security issues which the social networking platform considers out-of-bounds, however. For instance, researchers who report on social engineering techniques, content injection or denial-of-service (DoS) attacks won’t be e ..
Support the originator by clicking the read the rest link below.
