GitHub has announced a bounty program to pay researchers $100 to $5,000 for vulnerabilities. The program is open to all researchers who are at least 13 years of age. There are limits as to what can be tested and how tests can be performed. Automated scanning tools are forbidden, as are attacks that could “harm the reliability/integrity” of GitHub’s services. Non-technical attacks, such as social engineering and Phishing, are also forbidden. GitHub has rules of their own to follow, including processing submissions as quickly as possible.”]
Source: https://www.csoonline.com/article/2137006/github-launches-bounty-program–promises–5k-max-reward.html