Bug Bounty Program
A bug bounty program, also called a hacker bounty program or vulnerability rewards program (VRP), is a crowdsourcing initiative that rewards individuals for finding a software bug and reporting it to the organization offering a monetary reward.
Many software vendors and web sites run bug bounty programs, often paying out cash rewards to software security researchers and white hat hackers for discovering and reporting software vulnerabilities that could be exploited. Bug reports must document enough information for for the organization offering the bounty to be able to reproduce the vulnerability. Bug bounty programs are often initiated to supplement internal code audits and penetration tests as part of a vulnerability management strategy.
Back to: Glossary