This guest post originally appeared on the Binance blog.
Binance is collaborating with Bugcrowd for a new, rewarding bug bounty bonus to ensure a more robust security system for our platform. Sign in the program today and earn multiple bonuses!
Binance has run its bug bounty program through Bugcrowd for a year and a half. To build on this momentum and continue fostering our relationship with security researchers, we are excited to announce the launch of a special bonus program that multiplies payouts for consecutive vulnerabilities reports between November 22, 2019 and December 22, 2019. Through the bonus, we will also grant up to 5,000 USD as additional rewards to the top-performing security researchers reporting through the Bugcrowd platform.
We look forward to continuing our work with researchers who help us identify and resolve potential vulnerabilities within the Binance system. And to encourage participation, we are offering bonuses for multiple reports made through the program for one month, including:
- 50% bonus for two consecutive valid reports
- 75% bonus for three consecutive valid reports
- 100% bonus for four or more consecutive valid reports.
The amount of the bonus is based on technical severity of the reported vulnerabilities, ranging from 200 USD to 10,000 USD. In other words, if you report three valid vulnerabilities worthy of 600 USD, you will earn a total of $600+$600(1.5)+$600(1.75)=$2,550 through the bonus.
In addition, we will reward the top three researchers ranked by bounty amounts for valid reports during the duration of the bonus period. Here are the prizes for the top participants:
- First prize: 5,000 USD in BNB + exclusive Binance hoodie
- Second prize: 2,500 USD in BNB + exclusive Binance hoodie
- Third prize: 1,000 USD in BNB + exclusive Binance hoodie
Binance’s Bug Bounty History
Within two and a half years since its establishment, Binance has grown from a cryptocurrency exchange into a global blockchain ecosystem comprised of several arms to serve the greater mission of blockchain advancement and the freedom of money. Along with the rapid product development, Binance has put security as its utmost priority and is striving to build the most secure system to protect our users’ assets and privacy in the decentralized crypto space.
One of Binance’s most consistent security efforts has been our bug bounty program with Bugcrowd. We leverage crowdsourced security to improve the security of Binance, and Bugcrowd is the best platform to do so with its large and high-quality access to skilled security researchers around the globe.
In April 2018, we launched our bug bounty program on Bugcrowd, offering rewards to researchers who reported bugs on the Binance cryptocurrency exchange (Binance.com). Since then, we have expanded the target scopes across the Binance product matrix, rewarding for nearly 80 reported vulnerabilities that helped improve security for Binance exchange and Binance Chain, the public blockchain developed by Binance and its community.
The bug bounty program has proven to play an essential role in Binance security. The root cause analysis from reported bugs have assisted our team in the discovery of similar bug patterns in our existing and future products.
We look forward to building a more secure system and optimized user experience together with the researcher community on Bugcrowd. Get involved with the program and earn your bonuses: https://bugcrowd.com/binance