Yahoo Bug Bounty Program Shells out More Than $1 Million
Posted by: Timothy Weaver on 07/31/2015 09:27 AM
[
Comments
]
In the two years that Yahoo has offered a bug bounty, Yahoo has paid out more than $1 million to security researchers.
The company's interim CEO, Ramses Martinez, who called 2015 a pivotal year, said: “community engagement is at an all time high” and the team “is able to triage and fix bugs fast than ever.”
Submissions reached a total of 10,000, while 1,500 received a bounty award. Nearly half of submissions are from the top six percent of contributors, the post states, and 87 percent of researchers submit fewer than 10 bugs, or about 34 percent of submissions.
Martinez also pointed out the program's reputation system. He wrote that the bounty system “has made our top vulnerability reporters more meaningful by illustrating not only the number of reports they submit, but the severity value we assigned to each.”
Source: SCMagazine
The company's interim CEO, Ramses Martinez, who called 2015 a pivotal year, said: “community engagement is at an all time high” and the team “is able to triage and fix bugs fast than ever.”Submissions reached a total of 10,000, while 1,500 received a bounty award. Nearly half of submissions are from the top six percent of contributors, the post states, and 87 percent of researchers submit fewer than 10 bugs, or about 34 percent of submissions.
Martinez also pointed out the program's reputation system. He wrote that the bounty system “has made our top vulnerability reporters more meaningful by illustrating not only the number of reports they submit, but the severity value we assigned to each.”
Source: SCMagazine
Comments
