Yet another company has launched a public bug bounty program
to lure in hackers in an effort to find and eradicate vulnerabilities. Yelp is the latest company to do such a thing. Specifically, they are inviting hackers to dissect its websites and mobile application
and look for vulnerabilities that could affect reviewers and businesses. In return, they will pay "researchers" who find vulnerabilities, starting at $100 and maxing out at $15,000 "for more complex and critical exploits." TechCrunch reports: "The program, which Yelp is coordinating through the bug bounty platform HackerOne, is a public extension of a bug bounty system that Yelp has privately run for two years. The private version was open to dozens of researchers, who uncovered more than 100 vulnerabilities for Yelp and earned $65,160 in total, and focused primarily on Yelp's main website. Now, Yelp is inviting everyone to test Yelp sites and products. Yelp, which averages 73 million unique visitors to its desktop site and 63 million unique visitors on mobile each month, is asking hackers to cover broad ground -- the bug bounty program includes the company's main website, yelp.com, as well as its business-owners website, apps, reservation platform, corporate blogs, support center, and API."