/>
X

HackerOne's top 20 public bug bounty programs

These are the top 20 biggest, fastest, and most lucrative bounty programs on the HackerOne platform.
|
catalin-cimpanu.jpg
|
Topic: Security
Verizon
1 of 20 Catalin Cimpanu/ZDNet

Verizon Media

The unquestionable leader on the HackerOne platform is Verizon Media's bug bounty program, which currently ranks #1 in all-time bounties paid (over $4 million), #1 in hackers the company thanked (1,124), and #1 in most bug reports resolved (5,269).

Uber
2 of 20 Catalin Cimpanu/ZDNet

Uber

Ranking second on HackerOne is Uber's bug bounty program, which paid over $1,795,000 in bounties and resolved 1,172 bugs in its products, among many other things.

PayPal
3 of 20 Catalin Cimpanu/ZDNet

PayPal

Despite arriving on the platform last September, PayPal has established itself as one of the leading bug bounty programs on HackerOne, and is currently credited with paying the highest bug bounty reward on the platform, with a payout of $30,000.

Shopify
4 of 20 Catalin Cimpanu/ZDNet

Shopify

Ranked #4 on HackerOne with total payouts of over $1.1 million, Shopify is also ranked #1 in having the shortest payout time, with only two days from resolving a bug to paying a security researcher.

Twitter
5 of 20 Catalin Cimpanu/ZDNet

Twitter

With one of the oldest programs on HackerOne, launched in May 2014, Twitter has paid over $1.1 million in to security researchers in bug bounties.

Intel
6 of 20 Catalin Cimpanu/ZDNet

Intel

Arriving on HackerOne after the Meltdown and Spectre vulnerability disclosure debacle, Intel has established itself as the most important program on the platform, ranking #6 overall,and  paying researchers a total of over $800,000 in bug bounties.

Airbnb
7 of 20 Catalin Cimpanu/ZDNet

Airbnb

Ranking #7 is Airbnb with over $600,000 in paid bounties, 508 resolved reports, and 257 thanked researchers.

Ubiquiti Networks
8 of 20 Catalin Cimpanu/ZDNet

Ubiquiti Networks

Ranking #8 is Airbnb with over $600,000 in paid bounties, 765 resolved reports, and 511 thanked researchers.

Valve
9 of 20 Catalin Cimpanu/ZDNet

Valve

One of the more recent programs to arrive on HackerOne is Valve. Despite this, the company managed to rank #9 overall, with $570,000 in paid bounties, and a top reward of $20,000 -- enough to rank in the top 5 of largest bounties paid on the platform.

GitLab
10 of 20 Catalin Cimpanu/ZDNet

GitLab

Ranking #10 is code hosting platform GitLab with over $570,000 in paid bounties, 318 resolved reports, and 162 thanked researchers.

GitHub
11 of 20 Catalin Cimpanu/ZDNet

GitHub

While GitHub may be above GitLab in popularity, it ranks under its competitor on the HackerOne ranking, one spot below, on #11.

Slack
12 of 20 Catalin Cimpanu/ZDNet

Slack

Ranking #12 is Slack with a total of over $420,000 in paid bounties, 838 resolved reports, and 420 thanked researchers.

Starbucks
13 of 20 Catalin Cimpanu/ZDNet

Starbucks

The last place you'd expect to find Starbucks is on HackerOne's top 20 bug bounty programs, but here it is, on #13 with over $300,000 in paid bounties for bugs reported in its web and mobile apps.

Mail.ru
14 of 20 Catalin Cimpanu/ZDNet

Mail.ru

Despite ranking #14, Mail.ru has rounded up some accolades on HackerOne. The Russia-based email provider is in the top 5 for fastest response time, top 5 most hackers thanked, top 5 fastest time to pay out bounties, and the top 5 most resolved reports.

Grab
15 of 20 Catalin Cimpanu/ZDNet

Grab

Ranking #15 is ride-sharing platform Grab with a total of over $300,000 in paid bounties, 328 resolved reports, and 200 thanked researchers.

Coinbase
16 of 20 Catalin Cimpanu/ZDNet

Coinbase

Ranked #16 is cryptocurrency trading platform Coinbase with over $300,000 in paid bounties and a top bounty of $20,000.

Snapchat
17 of 20 Catalin Cimpanu/ZDNet

Snapchat

Ranked #17 on HackerOne's ranking is Snapchat. The company's lauded for having a first response time to new bug reports of under a day.

HackerOne
18 of 20 Catalin Cimpanu/ZDNet

HackerOne

#18 is HackerOne itself, which also runs its own bug bounty program on its own platform and has paid researchers quite a few rewards since November 2013, when it first launched.

Dropbox
19 of 20 Catalin Cimpanu/ZDNet

Dropbox

#19 is one of HackerOne's early adopters, file-sharing platform Dropbox. The company can boast with over $275,000 in paid bounties and a top bounty of $23,058.

VK
20 of 20 Catalin Cimpanu/ZDNet

VK

Russian social platform VK is ranked #20 on HackerOne's top public bug bounty programs with over $265,000 in paid rewards, 379 thanked hackers, and 630 resolved reports.

Related Galleries

Yubikey Security Key C NFC
Security Key C NFC

Related Galleries

Yubikey Security Key C NFC

First look at the YubiKey Bio
YubiKey Bio

Related Galleries

First look at the YubiKey Bio

iVerify (version 17)
iVerify for iOS and iPadOS

Related Galleries

iVerify (version 17)

OnlyKey hardware security key
OnlyKey

Related Galleries

OnlyKey hardware security key

SoloKeys Solo V2
Solo V2

Related Galleries

SoloKeys Solo V2

iVerify: Added security for iPhone and iPad users
iVerify

Related Galleries

iVerify: Added security for iPhone and iPad users

iStorage datAshur BT hardware encrypted flash drive
iStorage datAshur BT

Related Galleries

iStorage datAshur BT hardware encrypted flash drive