What is Bug Bounty Program?
A bug bounty program is a deal offered by many websites and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to exploits and vulnerabilities.
A bug bounty program, also called a vulnerability rewards program (VRP).
These programs allow the developers to discover and resolve bugs before the general public is aware of them, preventing incidents of widespread abuse.
Indian Researchers : Bug Bounty
“Researchers in Russia earned the highest amount per report in 2013, receiving an average of $3,961 for 38 bugs. India contributed the largest number of valid bugs at 136, with an average reward of $1,353. The USA reported 92 issues and averaged $2,272 in rewards. Brazil and the UK were third and fourth by volume, with 53 bugs and 40 bugs, respectively, and average rewards of $3,792 and $2,950”, Facebook quoted in a post.
Interesting story of a Indian Bug Bounty Hunter : Shubham Gupta
Google has raised its top reward for remote code execution bugs in its Google, Blogger and YouTube domains from an even $20,000 to $31,337, marking a 50 percent rise plus a bonus $1,337 or ‘leet‘ reward. It’s also bumped up its ‘Unrestricted file system or database access’ reward by 30 percent plus ‘leet’ to $13,337.
Only a handful of Indian companies are willing to bug bounty hunters look at their code. The few that do are startups like Paytm, Ola, Mobikwik.