Rate our bugs, says Yelp

Yelp has joined the growing ranks of outfits offering cash for security bug reports, after it started a bounty program with HackerOne.

The customer-submitted reviews website is offering a maximum bounty of $15,000 for the most serious programming blunders, with a string of lower prizes going all the way down to a parsimonious $100 for minor tweaks.

"There’s no such thing as a perfect technology - not since they put the finishing touches on the wheel - but here at Yelp we are committed to getting as close as we can," the firm said in a blog post.

"It’s a big world and we believe that working with skilled security researchers from all corners is the key to identifying the weaknesses in any technology. If you think you have found a security issue in our product, it could be your lucky day."

Yelp says its security engineers are primed and ready, and all submissions will be publicly credited by the company for security engineers can claims the credit as well as the cash. ®


Biting the hand that feeds IT © 1998–2017