Save over 40% when you secure your tickets today to TNW Conference 💥 Prices will increase on November 22 →

This article was published on April 17, 2014

Heroku launches bug bounty program with rewards ranging from $100 to $1,500


Heroku launches bug bounty program with rewards ranging from $100 to $1,500

Heroku today launched a bug bounty program in conjunction with Bugcrowd. Rewards range between $100 and $1,500, with the amount being completely based on the severity of the vulnerability. If a security researcher shows interest in donating their bounty to a recognized charity, Heroku promises to match it dollar-for-dollar.

Customer apps are out of scope for the bounty, but Heroku promises to pass information along if security researchers inform the company anyway. “Working with security researchers to ensure the trustworthiness of Heroku’s platform is an ongoing effort of ours,” the company says.

Until now, Heroku has merely listed security researchers who report bugs to the company on its Hall of Fame. It will continue to provide this public recognition and thanks, in addition to financial incentives.

See also – GitHub launches Bug Bounty program, offers between $100 and $5,000 for security vulnerabilities and Microsoft and Facebook sponsor Internet Bug Bounty program, offer cash for hacking the Internet stack

Image Credit: Tracy Olson

Get the TNW newsletter

Get the most important tech news in your inbox each week.