Aditya S, a Jaipur-based security researcher, has won a reward of USD 20,000 (approximately INR 15 lakh) for spotting a bug under Microsoft Azure Bounty Program. The company awards the bounty reward based on the severity, security impact, and report quality.
The Microsoft Azure Bounty Program invites researchers globally to identify vulnerabilities in Azure products and services. The qualified submissions are awarded bounty ranging from USD 500 to USD 60,000.
Check competitions, hackathons, quizzes, and other opportunities here.
He claims to have reported a remote code execution (RCE) bug, which is relatively a new bug that allows an attacker to execute commands on someone else's computing device remotely.
What is Bug Bounty?
As per definition from Oxford Languages, ‘Bounty’ is a sum paid/reward for killing or capturing a person or animal.
Coming to the technical context, let’s understand this in simpler terms. Bug Bounty is a reward for finding an error in a computer program or system.
These days many companies and service providers are running official vulnerability disclosure programs to crowdsource penetration testing. In return, bug hunters are offered prizes for discovering cybersecurity flaws.
As appealing as it sounds, bug bounty hunting requires staying up to date on new bugs. If you really want to get started with bug bounty, your academic background or domain doesn't matter; you can start learning about ethical hacking and the required tools at any point in time. (rather than focussing on just making money)
To help you kick start your journey to bug hunting, here are 5 bug bounty programs you can fix your eyes and mind on!
5 bug bounty programs (with bounty links)
Company |
Bug Bounty Range |
Bounty Link |
---|---|---|
|
USD 100 - USD 31,337 |
https://www.google.com/about/appsecurity/reward-program/ |
|
USD 500 - no upper limit |
https://www.facebook.com/whitehat/ |
Dropbox |
USD 216 - no upper limit |
|
Intel |
No lower limit - USD 150,000 |
https://www.intigriti.com/ |
Airbnb |
USD 150 - USD 15,000 |
https://hackerone.com/airbnb/ |
If you wish to hunt bugs skillfully and competently while making a hefty bounty in return, look for free courses and connect with elite researchers.
The easiest and most effective way to learn from seasoned ethical hackers' works is to read disclosed reports on bug bounty platforms like HackerOne.
Here's to crushing big bug bounties!
Suggested reads for aspiring bug bounty hunters:
- What’s The Difference Between A MAC Address And An IP Address?
- What Is The Difference Between Java And JavaScript?
- Advantages And Disadvantages of CSS: Know All About The Design Language
- Difference Between HTML And HTML5: What Distinguishes The Two?
- Difference Between Static And Dynamic Memory Allocation (With Comparison Chart)
Login to continue reading
And access exclusive content, personalized recommendations, and career-boosting opportunities.
Comments
Add comment