Kicking off Cybersecurity Awareness Month: Researcher spotlights and additional incentives!
For this year’s Cybersecurity Awareness Month, GitHub’s Bug Bounty team is excited to offer some additional incentives to security researchers!
Cybersecurity Awareness Month is a global initiative that highlights the importance of protecting our digital work. At GitHub, security is the core of how we operate. We’re proud to participate and demonstrate our commitment to safeguarding our customer’s data. As such, GitHub’s Bug Bounty team is excited to celebrate the Cybersecurity Awareness Month this year with some additional incentives for security researchers! This includes:
- Bonuses for new and existing researchers.
- Bonus for providing Nuclei template for reproductions and fix verifications.
- Spotlight on a few of the talented security researchers who participate in the GitHub Security Bug Bounty Program.
Bonuses for new and existing researchers
For the month of October:
- A new hacker to our program will receive an additional 20% bonus on their highest severity valid submission.
- For returning hackers, we are offering an additional 10% bonus on their highest severity valid submission.
Note: these bonuses will only apply to (1) submission per researcher.
Bonus for providing Nuclei templates
A valid report that also contains a functional Nuclei template that we can use to both reproduce the report and verify that it is fixed will receive an additional 5% bonus. To learn more about Nuclei, please visit this documentation.
Researcher’s spotlight
Every year, we like to spotlight researchers who are participating in our program and learn more about them. In these interviews, we learn about their hunting methodology, interests, and more.
To read more about our previous spotlights, please check out:
- Cybersecurity spotlight on bug bounty researchers @chen-robert and @ginkoid
- Cybersecurity spotlight on bug bounty researcher @yvvdwf
- Cybersecurity spotlight on bug bounty researcher @ahacker1
- Cybersecurity spotlight on bug bounty researcher @inspector-ambitious
- Cybersecurity spotlight on bug bounty researcher @Ammar Askar
Stay tuned for more researcher spotlights this coming month!
Each submission to our bug bounty program is a chance to make GitHub, our products, the developer community, and our customers more secure, and we’re thrilled with the ongoing collaboration to make GitHub better for everyone with the help of your skills. If you are interested in participating, visit our website for details of the program’s scope, rules, and rewards.
Tags:
Written by
Related posts
Attacking browser extensions
Learn about browser extension security and secure your extensions with the help of CodeQL.
Cybersecurity spotlight on bug bounty researcher @adrianoapj
As we wrap up Cybersecurity Awareness Month, the GitHub Bug Bounty team is excited to feature another spotlight on a talented security researcher who participates in the GitHub Security Bug Bounty Program—@adrianoapj!
Securing the open source supply chain: The essential role of CVEs
Vulnerability data has grown in volume and complexity over the past decade, but open source and programs like the Github Security Lab have helped supply chain security keep pace.