1Password recently raised its top bug bounty reward from $25,000 to $100,000. Google paid out $3 million last year for its vulnerability reward program. The key to success remains the same — attracting the right researchers with the appropriate incentives. From defining scope to establishing attractive payout ranges and attracting a solid crowd of researchers to actively participate, starting a program can be complicated and become more complicated as the program matures, Bugcrowd’s David Baker says. The security maturity of an organization is a critical factor in determining how to reward a vulnerability.”]
Source: https://www.csoonline.com/article/3181362/how-much-is-a-bug-worth.html