Jet.com takes security seriously. One of the first major retailers to launch a bug bounty program more than two years ago, Jet.com began with a private bug bounty program, harnessing a small, curated group of Bugcrowd researchers before launching its public program to the full crowd just four months later.
Our customers are leaders when it comes to security; they understand the value of harnessing the power of the crowd and the creativity of thousands of researchers that think like the adversary. Password manager technology 1Password is no exception.
At the beginning of this year we released our ‘Defensive Vulnerability Pricing Model’ that answers the question “what’s a bug worth?”. This guide outlines how much organizations should budget for crowdsourced security programs, and what reward ranges attract the right talent. In short, this guide, informed by tens of thousands of vulnerability submissions and years of running public and private crowdsourced security programs, set the first market rates for security vulns by criticality, and now organizations are beginning to adopt this guidance.
We are proud to partner with Silent Circle to offer the crowd an opportunity to earn a free Blackphone!
Silent Circle launched their bounty program with Bugcrowd in September 2014, and continues their tradition of working collaboratively with, and rewarding security researchers for their vulnerability submissions. To that same end, this contest brings together Bugcrowd's security researcher community and Silent Circle's commitment to create and support secure products.
LastPass is further deepening their commitment to application security and adding cash rewards up to $1,000 for the LastPass bounty program! As of 1600 GMT today, LastPass is now offering cash rewards from $50 to $1,000 for valid first to find vulnerabilities submitted through their Bugcrowd bounty program.