Twitter has finally attached monetary incentives to bug discoveries and will pay a reward of $140 to security researchers through its new bounty programme if they are able to report any security issues on its site and apps.
Twitter, which has teamed up with HackerOne, announced the reward programme on Wednesday and said that for each bug reported on its site Twitter.com, ads.twitter, mobile Twitter, TweetDeck, apps.twitter, and its iOS and Android apps the reward would be $140.
The programme is not a competition and it would be paying the reward on its own discretion after assessing the kind of reports about bugs it receives.
The timeframe for the reward has not been decided and therefore is ongoing as long as the programme is active. It also reserved the rights to determine the reward on the reports of the bugs, HackerOne said on its page.
Although the programme was announced yesterday, but the timeline on HackerOne’s page suggests that Twitter introduced the programme three months ago. It also shows that 46 bugs were fixed during this period, including flaws in Vine.
As of now the reward is for bugs reported on Twitter.com, ads.twitter, TweetDeck, apps.twitter, mobile Twitter, and iOS and Android apps. Until now Twitter has been just applauding researchers who find bugs on its site.
Apart from Twitter, Goggle’s bug bounty program is well-known and this year the site rewarded a researcher $ 30,000 for identifying a bug on Chrome 37. This programme has been running since 2010.