Social network VKontakte owned by Mail.ru Group) paid security professionals more than $148,000 for detecting vulnerabilities in social networking services and applications following the results of two years of the program, VKontakte said on May 29, TASS reports.
VKontakte uses a popular platform HackerOne, through which experts can inform companies about the detected vulnerabilities and be paid for it. The program involves the world’s largest IT companies, including Adobe, Twitter, Uber, Snapchat and Dropbox.
“In two years of participation in HackerOne vulnerability search program, VKontakte social network paid out over $148,000 to 292 information security specialists – they reported technical vulnerabilities in the company’s services and official mobile applications,” the company’s report said.
Overall, since May 2015, VKontakte has received more than 3,000 reports, 385 of which were useful and their authors were rewarded.
The minimum amount of remuneration is $100, its size depends on the severity of the identified vulnerability. Remuneration is paid only to the first specialist who reported an error. If a specialist used the identified vulnerability against users of the social network, he or she will not receive the reward.