Bug Bounty

A bug bounty is a reward offered by the owners of a website, software company, or other business to outside individuals in return for finding and reporting bugs in a system. Companies offer these rewards to incentivize ethical white-hat hackers to identify security holes before criminal hackers do. Rewards are usually a mix of financial compensation and professional recognition for the hacker.

While most software companies employ their own in-house security researchers to find and resolve possible security holes, an outside perspective is always valuable. A zero-day exploit discovered and used by a black-hat hacker can cause a company significant financial loss, a public relations fiasco, or even legal liability. The bounty paid to a hacker to identify a potential security problem is often money well spent.

The amount of money offered per bug varies, depending on the company offering the bounty and the expected impact of the identified bug. Small bounties are often a few hundred dollars, while more impactful bugs can fetch tens or even hundreds of thousands of dollars. The biggest bug bounties from large tech companies like Apple, financial institutions, and cryptocurrency blockchain groups can pay a skilled hacker several million dollars for a single bug.

Updated November 29, 2022 by Brian P.

quizTest Your Knowledge

Which of the following is a type of color model?

Correct! Incorrect!     View the HWB definition.
More Quizzes →

The Tech Terms Computer Dictionary

The definition of Bug Bounty on this page is an original definition written by the TechTerms.com team. If you would like to reference this page or cite this definition, please use the green citation links above.

The goal of TechTerms.com is to explain computer terminology in a way that is easy to understand. We strive for simplicity and accuracy with every definition we publish. If you have feedback about this definition or would like to suggest a new technical term, please contact us.

Sign up for the free TechTerms Newsletter

How often would you like to receive an email?

You can unsubscribe or change your frequency setting at any time using the links available in each email.

Questions? Please contact us.