Twitter is the latest major Internet company to establish a bug bounty program. The company will pay researchers for finding vulnerabilities in its main Web site and the Twitter apps for iOS and Android. The types of vulnerabilities that are in scope for the program include XSS, CSRF, remote code execution, unauthorized access to private tweets or direct messages. Bug bounties have become de rigeur for many large software and Web companies, including Facebook, Yahoo, Google and many others. Twitter s reward program starts with a minimum bounty of $140 and doesn t have a maximum payout.
Source: https://threatpost.com/twitter-launches-bug-bounty-program/108062/