Twitter started it’s bug bounty program in May 2014 and has since seen a large number of researchers submitting bug reports. It has been disclosed that Twitter received 5,171 bug reports and has made a payout of $322,420 over two years. The smallest bounty offered was $140 where as the highest was $12,040. A single bug hunter has made a whopping $54,000 in 2015.
Twitter also has a lucrative standing offer of $15,000 for anyone who discovers a vulnerability that leaves the microblogging site to remote code executions. Twitter has confirmed that it has not received any reports which is good for the company and the users in turn. Also Twitter has disclosed only 20 percent of the fixed flaws and says it will disclose flaws only after they have been fixed.
Talking about bug hunting, Facebook bug hunters get a more lucrative payout from the company for finding bugs in the social networking site. The social network has spent almost a million dollars in first two years of it’s bug hunting program. Few researchers have been paid $100,000 each for finding the bugs in Facebook!