Heroku is the first dedicated PaaS to start an ongoing bug bounty program. Heroku joins the likes of Github, Facebook, Mozilla, and Google as companies who reward researchers for finding valid vulnerabilities in their applications. The Bugcrowd security community of 8,000 security researchers will help protect thousands of Heroku customers. The program will be managed by the crowdsourced security company that specializes in bug bounty management. On Jan 30, Github launched their own bug bounty programs as well as Heroku.”]
Source: https://informationsecuritybuzz.com/news/heroku-launched-bug-bounty-program/