- $120 – $5,000 per vulnerability
- Up to $10,000 maximum reward
A New Platform Feature Has Entered BETA!
We have been developing a new platform feature, with the goal of reducing duplicates by sharing impactful data about what types of VRT categories have been found on the program to date.
We know it sucks to have your hard work be marked duplicate of a previously known/reported issue, so our development work has been focused around finding a great balance between the need to protect vulnerability data while providing you with the information you need as a Researcher to more effectively target your time and efforts (+ maximize reward potential!).
Today, this BETA feature will be enabled on a number of OnGoing programs, which have agreed to participate. Upwork is one such program!
Not all programs will have this turned on during the BETA period. (After the BETA is complete, the feature will still require an opt-in from the program owner to be enabled.)
For programs which have this BETA featured enabled, you will see a new section on the bounty brief:
- The counts in this section include all customer-imported issues and crowd reported issues which have been successfully triaged.
- Clicking further into the table will reveal additional sub categorization and the corresponding counts for issues which are in substates Triaged, Unresolved and Duplicate.
During the next few weeks, please experiment with the new data and how this information can help you focus your testing experience. We will be formally gathering feedback at the end of the BETA period, but as always, if you have any questions or comments please feel free to reach out to Support@bugcrowd.com!
Your Bugcrowd Product, Engineering and Researcher Success teams