The American web infrastructure and website security company Cloudflare has announced the launch of a new public bug bounty program.
Rushil Shah, a Product Security Engineer at Cloudflare said, “today we are launching Cloudflare’s paid public bug bounty program,”
“We believe bug bounties are a vital part of every security team’s toolbox and have been working hard on improving and expanding our private bug bounty program over the last few years.”
The new public bug bounty program follows a vulnerability disclosure program without cash bounties created in 2014. Through this program, Cloudflare received 1,197 reports however, only 13% of them valid as researchers were struggling to understand its infrastructure and products.