In April we announced a Mobile bonus reward program for researchers that submitted valid, non-duplicate mobile vulnerabilities for a chance to win $1000, and in early June we expanded the program to two bonuses. We are excited to announce our two winners, and congratulate putsi and robinooklay for their mobile submissions!
We got a great response with the bonus program and have new public bounty programs with mobile targets, so we’ve decided to run it again! The details are as follows:
- From July 1st through September 30th, 2016, every valid and non-duplicate mobile vulnerability submitted will be entered into a raffle to win one of two cash prizes, $1000 each.
- Each valid submission equals an additional entry into the contest, so if you’ve submitted five valid bugs you will have five entries to win $1000! (By submitting valid mobile vulnerabilities, you may also qualify to receive invitations to private mobile testing programs.
How to Get Started:
- Whenever you’re ready, email us at firstname.lastname@example.org and let us know that you are interested in Android / iOS / BlackBerry / Windows Phone mobile app testing.
- Please specify what physical hardware you have access to test on (i.e. iPhone, iPad, WinPhone, etc.)
- If you’re new to mobile app testing, let us know and we can send additional online resources to help you get started.
- In the meantime feel free to start testing on the following public programs that we currently have running with mobile targets:
New to Mobile hacking or got the skills but want to multiply them? Bugcrowd’s Director of Technical Operations Jason Haddix has compiled a great resource for Mobile testers and developers alike in his Mobile App Security Resources Kit.
As always, feel free to reach out with questions, and Happy Mobile Hunting!!