Heroku launches bug bounty program with rewards ranging from $100 to $1,500

Heroku launches bug bounty program with rewards ranging from $100 to $1,500

Heroku today launched a bug bounty program in conjunction with Bugcrowd. Rewards range between $100 and $1,500, with the amount being completely based on the severity of the vulnerability. If a security researcher shows interest in donating their bounty to a recognized charity, Heroku promises to match it dollar-for-dollar.

Customer apps are out of scope for the bounty, but Heroku promises to pass information along if security researchers inform the company anyway. “Working with security researchers to ensure the trustworthiness of Heroku’s platform is an ongoing effort of ours,” the company says.

Until now, Heroku has merely listed security researchers who report bugs to the company on its Hall of Fame. It will continue to provide this public recognition and thanks, in addition to financial incentives.

See also – GitHub launches Bug Bounty program, offers between $100 and $5,000 for security vulnerabilities and Microsoft and Facebook sponsor Internet Bug Bounty program, offer cash for hacking the Internet stack

Image Credit: Tracy Olson

Read next: Laughing Giraffe's new Soundpix app makes your photos talk

Corona coverage

Read our daily coverage on how the tech industry is responding to the coronavirus and subscribe to our weekly newsletter Coronavirus in Context.

For tips and tricks on working remotely, check out our Growth Quarters articles here or follow us on Twitter.