Doubling Bug Bounty rewards
We’re coming up on four years since the Bug Bounty program was first announced. A lot has changed in that time, and we constantly try to keep our reward structure…
We’re coming up on four years since the Bug Bounty program was first announced. A lot has changed in that time, and we constantly try to keep our reward structure inline with top security bug bounty programs. We’re excited to announce that starting today we’re doubling our payout amounts, bringing the minimum and maximum payouts to $555 and $20,000, respectively. This means that any report eligible for a bounty will be met with at least a $555 reward. This doesn’t mean we’re raising the bar for what is considered a valid report, we’re simply raising the payouts.
This bump to our payouts aligns with Hack the World, an annual hacking competition by HackerOne, which kicked off this morning and runs until November 18th. During this time participants compete against each other to find the most security vulnerabilities across all sites on HackerOne’s platform. We’re one of the sponsors, which means hackers will be rewarded with twice the reputation points on HackerOne when finding bugs on GitHub over the next month! As an additional incentive, we will also be rewarding all valid submissions with free unlimited private repositories for life. The increased bounty payouts are here to stay, but unlimited private repositories will only be rewarded on reports submitted on or before November 18th!
Ready to compete? Submit all reports to our Bug Bounty program. For more details on the competition, please visit the Hack the World website.
Tags:
Written by
Related posts
GitHub availability report: June 2026
In June, we experienced six incidents that resulted in degraded performance across GitHub services.
Q1 2026 Innovation Graph update: Open source collaboration is accelerating worldwide
New Innovation Graph data shows global developer communities growing faster than ever, with collaboration reaching new highs across many economies.
GitHub joins coalition advocating for fixes to California AI Transparency Act to protect open source
We’re calling for targeted amendments to resolve conflicts with open source licensing and align with international transparency frameworks while preserving regulatory intent.