If you are a security researcher who seeks out bugs plaguing online platforms, then you'll be pleased to learn that Twitter rewards handsomely those who spot vulnerabilities in its system.
A report released by Twitter on Friday, May 27, discloses that the social media platform has shelled out more than $300,000 in reward money over the past two years as payment to bug bounty hunters who found "threats and attacks against users and systems."
Twitter's report reveals that since 2014, it has received nearly 5,171 bug submissions courtesy of 1,662 researchers. The company paid the bug bounty hunters $332,420 in total as reward for their efforts.
The average amount the social media company paid out was $835. For those wondering what the highest sum Twitter paid was, it's $12,040. The maximum amount garnered by a single researcher in 2015 for spotting various vulnerabilities is a little more than $54,000. Interestingly, Twitter pays out in multiples of $140. While the minimum reward from Twitter is $140, there is no maximum amount limit.
The Bug Bounty Program enables Twitter to react better to issues and fix them swiftly before they get exploited. It also lets the social media company tap into a massive network of security researchers who alert Twitter timely.
Twitter has been running the program since May 2014 on HackerOne. The company sees it as an indispensable and invaluable resource that aids it in seeking out and addressing all types of security loops that can range from severe to the ordinary.
"We're thankful to all the security researchers who have worked hard to find and report vulnerabilities in Twitter, and we look forward to continuing our good faith relationship in 2016 and beyond," notes the company.
Those eyeing a huge payout from Twitter can attempt to locate a remote code execution security vulnerability. Why? Because Twitter shells out $15,000 for these! However, the company is yet to get a report for such a vulnerability.