If you want to make some money from catching bugs and are sick of pentesting Facebook, Google, and Microsoft's products, Uber may be your new favorite playground.
During Uber's beta bug bounty program, which was conducted over a time period of 10 months with 200 security researchers, about 100 bugs were discovered in the company's websites and apps.
The San Francisco-based company that revolutionized the ride-sharing industry over the past few years opened up this program to everyone on March 22nd. So if you've got some decent skills, you can make a few extra bucks just by hacking Uber, finding and eliminating their problematic bugs, glitches, and vulnerabilities.
However, there are a couple of significant differences in Uber's approach as opposed to the other tech giants. For starters, Uber wants to make this a satisfying endeavor with a decent, competitive monetary offer for any serious bugs that are found. Critical issues can get up to a $10,000 reward, significant issues up to $5,000, and medium issues up to $3,000.
Additionally, Uber has constructed a "treasure map" of sorts that gamifies the approach, while also providing precise layouts of their network of websites and apps for researchers to comb through to find any problems.
Uber had also put a loyalty program in place, which began on May 1st and will last 90 days. The more bugs one finds, the bigger the payout becomes for the researcher. In this way, Uber seems to be taking a more progressive approach in treating hackers with respect for their abilities.
Since beginning the public bug bounty program, Uber has awarded hackers with a total of $340,670 so far, with an average payout of between $500 and $1,000. If you're an Uber user, that's a pretty good sign that your information is pretty secure, but that could change as more hackers get involved.
Want to start making money as a white hat hacker? Jump-start your white-hat hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from ethical hacking professionals.