Since 2016, researchers have submitted nearly 8,000 unique Bug Bounty reports.
Recently, Netflix reported that since the launch of the Bug Bounty program in 2016, the streaming giant has already paid researchers more than a million dollars in rewards for discovered bugs and vulnerabilities in the company's products.
So far, more than 5,600 researchers have participated in this program, submitting about 8,000 unique vulnerability reports. The reward was paid for 845 vulnerabilities, and more than a quarter of them were rated as critical.
In addition, the company recently announced the abandonment of the Bugcrowd vulnerability management platform used since 2018 and the transition to another platform — HackerOne. With its help, Netflix promises to improve report processing, increase rewards, expand coverage, launch exclusive private programs, and provide feedback for researchers.
For problems such as spoofing authorizations and obtaining private keys, researchers can get from $300 to $5,000. For vulnerabilities related to corporate assets — up to $10,000, and for critical vulnerabilities affecting the Netflix domain[.]com, the reward can reach up to $20,000. The program also covers mobile applications of the streaming service.
The company invites everyone to join the Bug Bounty program on the HackerOne platform and expresses its sincere gratitude to the research community for their continued support and contribution to ensuring the security of the service.
Recently, Netflix reported that since the launch of the Bug Bounty program in 2016, the streaming giant has already paid researchers more than a million dollars in rewards for discovered bugs and vulnerabilities in the company's products.
So far, more than 5,600 researchers have participated in this program, submitting about 8,000 unique vulnerability reports. The reward was paid for 845 vulnerabilities, and more than a quarter of them were rated as critical.
In addition, the company recently announced the abandonment of the Bugcrowd vulnerability management platform used since 2018 and the transition to another platform — HackerOne. With its help, Netflix promises to improve report processing, increase rewards, expand coverage, launch exclusive private programs, and provide feedback for researchers.
For problems such as spoofing authorizations and obtaining private keys, researchers can get from $300 to $5,000. For vulnerabilities related to corporate assets — up to $10,000, and for critical vulnerabilities affecting the Netflix domain[.]com, the reward can reach up to $20,000. The program also covers mobile applications of the streaming service.
The company invites everyone to join the Bug Bounty program on the HackerOne platform and expresses its sincere gratitude to the research community for their continued support and contribution to ensuring the security of the service.