Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
Security Bug Programming The Almighty Buck

Bug Bounties Are Bonanza, For a Few Persistent Hackers ( 27

chicksdaddy writes: Bug bounty programs are all the rage these days, with companies from Asana to Zendesk ( offering cash rewards for finding holes in their web sites. But is spending your weekends fuzzing someone else's application code really worth it? And is anyone really getting rich off bug bounties? The short answer is 'yes.' As this article at The Christian Science Monitor notes, top bounty researchers on sites like HackerOne and BugCrowd are indeed seeing big paydays — often in return for just hours of work perusing buggy websites. Among the eye-popping figures: researcher Mark Litchfield's $63,000 take over Labor Day weekend, which included the discovery of multiple remotely exploitable holes in a major web property, paying $15,000 each through HackerOne. Also profiled is researcher Frans Rosen and Sean "Meals" Melia, the number four ranked researcher on BugCrowd. Both claim to have netted six figure incomes in the last year on bug bounties alone. "It's like finding a gold nugget," Litchfield is quoted as saying. "Sometimes it's like finding my own gold mine."
This discussion has been archived. No new comments can be posted.

Bug Bounties Are Bonanza, For a Few Persistent Hackers

Comments Filter:

"Hello again, Peabody here..." -- Mister Peabody