As part of the HackerOne program, Twitter has paid $322,420 (approximately INR 2.1 crore) to researchers and bug hunters worldwide. These researchers examined Twitter's systems and reported vulnerabilities over the last two years.
Commenting on the development, Arkadiy Tetelman, software engineer at Twitter, disclosed that the company maintains a secure development lifecycle that includes secure development training for everyone who ships code, security review processes, hardened security libraries and robust testing through internal and external services.
Over the last two years, the company has received 5,171 submissions to the program from 1,662 researchers, and 20 percent of resolved bugs were publicly disclosed. However, the company will disclose a bug only after getting approval from the concerned researcher.
While the average payout is $835, Twitter pays a minimum of $140 for the discovery of a bug. If the researcher discovers a highly critical bug, then he/she will be eligible for a high payout of $12,040.
In 2015, Twitter paid over $54000 to a single researcher for reporting a wide range of vulnerabilities. The company is offering a minimum of $15000 for the discovery of remote code execution vulnerabilities.
After the launch of the “HackerOne” program, the company discovered XSS inside the Crashlytics Android app, which renders part of its content inside a webview that did not have adequate protection against cross-site scripting attacks.
Twitter has been making use of “HackerOne” since May 2014. Tetelman further revealed that the program is an invaluable resource for finding and fixing security vulnerabilities ranging from the mundane to the severe.