Open Bug Bounty has added a new wrinkle to crowdsourced bug hunting. Website owners can now launch a formal bug bounty program for their sites at no cost via the nonprofit. Independent security researchers will triage and vet for free all vulnerability submissions that do not require intrusive testing. The nonprofit does not accept any submissions that can only be verified through intrusive testing, such as SQL injection flaws. Since the platform launched in June 2014, it claims its community of independent security researchers has helped organizations fix over 119,000 flaws.”]
Source: https://www.darkreading.com/application-security/open-bug-bounty-offers-free-program-for-websites