Yahoo established its formal bug bounty program nearly two years ago. The company has received more than 10,000 submissions from 1,800 researchers since the program began in November 2013. About 15 percent of all submissions Yahoo receives turn out to be valid vulnerabilities. About half of the submissions are from just six percent of the researchers who submit bugs, security officials say. Yahoo recently implemented a reputation system that has helped track the most prolific and successful submitters, according to a Yahoo official. The reputation system also gives researchers a quantifiable way to compare their skills with the rest of the participants.
Source: https://threatpost.com/yahoo-touts-success-of-bug-bounty-program/114019/