I think the top bug hunters should be rewarded by the bug bounty platforms with DATA.
I want to know which projects are actually worth my time to audit, not waste hours on trial and error.
Give us a transparent list of projects that actually care about security. It’d save a ton of time and lead to way more valuable findings, a win for everyone.
Here are some parameters for example:
Actual Average triage response time
Average payout time
Average severity accepted
Percentage of duplicates vs. valid reports
Number of resolved vs. open reports
Last bounty paid / last report date
Median payout per valid report
Max payout per vulnerability type
Historical bounty trend
% of reports marked “Informative”
MOST IMPORTANT OF ALL:
Dedicated security team presence which should be rated by the security researchers that were paid at the end for that program.
I would gladly pay out of my pocket or percentage of all my findings to get this data.
It would make a huge difference at least for me.
Exploiting slash/backslash mismatch to trigger cache poisoning.
This one-liner bug by @bassemsadaqah led to a CDN-wide DoS on Shopify and is a great example of how simple tricks can lead to impactful issues in mature organizations.
Full report here 👇
https://t.co/X4QXsX2VNF