Twitter Rolls Out Its Own Bug Bounty Program

Twitter Rolls Out Its Own Bug Bounty Program

twitter Twitter Rolls Out Its Own Bug Bounty ProgramTwitter seeks the help of its users in cracking the vulnerability of the microblogging site. The company offers cash incentive to those who could provide information about bugs that may have been  affecting the usage of the service.


In a statement, Twitter officially announced its own bug bounty program in an aim to welcome researchers and users to contribute to the improvement of the site. The microblogging platform now joins  other tech heavyweights that have already rolled out their own bounty programs like Google, PayPal, Facebook, Mozilla, and Yahoo.

Partnership with H1

For its part, Twitter has teamed up with HackerOne or H1, a third-party platform designated for reporting online bugs. For the campaign, Twitter said it is offering at least $140 for a bug detection. However, it clarified that the compensation could be adjusted to conform with the severity of the identified flaw. Twitter also reiterated that the bug bounty program is not a competition or contest.

Like us on Facebook

Twitter first joined H1 about three months ago. Since then, it has already fixed up to 46 bugs and identified 44 hackers who were elevated to its Hall of Fame list. With the bounty program, it is expected that this endeavor to crack down on bugs will continue.

Initially, the program offers monetary rewards for vulnerabilities that are found on its website as well as on its popular Android and iOS apps. It is expected to announce expansion to other platforms in the coming weeks or months.

Some clarifications

Twitter also clarified that the bounty program will not be applied retroactively. Thus, reports on bugs that it had received before the launch last Wednesday (September 3), will not be considered as eligible for the program. The Website also did not set any timeframe or end date for the program. This may mean that the hunt for bugs is on for an indefinite period.

The online site wants to maintain top-notch security online. This time, it taps the community effort to make it more effective. It expects the vibrant support group in its community to actively help spot current and potential issues.