Zomato sets a bounty of nearly ₹3 lakh for finding bugs in its apps and website

Advertisement
Zomato sets a bounty of nearly ₹3 lakh for finding bugs in its apps and website
Zomato
  • Zomato has raised the bounty across severity levels on its Bug Bounty Program.
  • You can win up to $4,000 if you find a bug on its website or app.
  • Zomato’s security team will decide the CVSS score depending on the vulnerability.
Indian restaurant aggregator and food delivery platform Zomato has increased the bounty across severity levels for its Bug Bounty Program. Anyone who finds a bug in Zomato’s app or website can win up to $4,000 (approx. ₹ 298,000) depending on its vulnerability. In a statement on hackerone, Zomato announced the raise in bounty and said that the program was a crucial part of the company’s security efforts.

One of Zomato’s security engineers, Yash Sodha, tweeted the statement while inviting people to join the program and help the company’s security efforts. In the tweet, he shared that a critical vulnerability bug could land you a bounty of $4,000 and if you find a high vulnerability bug, you will receive $2,000.

Zomato uses Common Vulnerability Scoring System (CVSS) to determine the severity of a vulnerability and the bounties will be given to people as per the CVSS score determined by the company’s security team.

Advertisement

As per the statement, a critical vulnerability with a CVSS score of 10.0 will get $4,000, while a critical vulnerability with a CVSS score of 9.5 will be rewarded with $3,000 and so on. The company has encouraged the hacker community to take part in the program and it will require two-factor authentication to participate in it.

SEE ALSO:
There are a few reasons why Zomato wants $8 billion valuation from its IPO — here's a look at if it makes sense
Zomato IPO to open on July 14 ⁠with shares priced at ₹72-76 apiece
{{}}