Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Bug Security Businesses Communications Network Privacy Social Networks Software The Internet Technology

Yelp Launches Public Bug Bounty Program (techcrunch.com) 14

Yet another company has launched a public bug bounty program to lure in hackers in an effort to find and eradicate vulnerabilities. Yelp is the latest company to do such a thing. Specifically, they are inviting hackers to dissect its websites and mobile application and look for vulnerabilities that could affect reviewers and businesses. In return, they will pay "researchers" who find vulnerabilities, starting at $100 and maxing out at $15,000 "for more complex and critical exploits." TechCrunch reports: "The program, which Yelp is coordinating through the bug bounty platform HackerOne, is a public extension of a bug bounty system that Yelp has privately run for two years. The private version was open to dozens of researchers, who uncovered more than 100 vulnerabilities for Yelp and earned $65,160 in total, and focused primarily on Yelp's main website. Now, Yelp is inviting everyone to test Yelp sites and products. Yelp, which averages 73 million unique visitors to its desktop site and 63 million unique visitors on mobile each month, is asking hackers to cover broad ground -- the bug bounty program includes the company's main website, yelp.com, as well as its business-owners website, apps, reservation platform, corporate blogs, support center, and API."
This discussion has been archived. No new comments can be posted.

Yelp Launches Public Bug Bounty Program

Comments Filter:
  • Have your website done entirely in JPEG.

  • All they do is raise the price on the black market.

    • All they do is raise the price on the black market.

      Isn't that a good thing?

      • Well yeah, for some people it definitely is. Problem is, what I forgot to mention before, if you try to go the "legitimate" route as the good samaritan, you risk getting arrested if you don't report the bugs anonymously and you try to collect the bounty. Why take that kind of chance?

  • If I'm somewhere that I'm thinking about Yelp and I see a bug, you can be sure I'll post about it.

Be sociable. Speak to the person next to you in the unemployment line tomorrow.

Working...