GitHub announced an expanded scope with more GitHub products covered, increased reward amounts, and new Legal Safe Harbor terms for full legal protection for researchers. The company paid over $165,000 to security researchers during 2018 in rewards as part of the company’s public bug bounty program, and $250,000 in total after adding up researcher grants, private bug bounty programs, and live-hacking events. The 2019 Security Bug Bounty program will also include all first-party services under the employee-facing GitHub.net and GitHubapp.com domains.
Source: https://www.bleepingcomputer.com/news/security/github-updates-bug-bounty-program-with-expanded-scope-higher-rewards/