Netflix makes its bug bounty program open to all users

CIOL Writers
New Update
Netflix's bug bounty program open to all

Netflix's bug bounty program is now available to general public. This means now, everyone can try and find security bugs on the platform and report them in exchange for cash rewards. The bug bounty program was available to select users since September 2016.


Netflix said in a post, "We are so excited to launch our public program and we hope to expand our researcher community. The move will allow the company to continue improving the security of our products and services while strengthening our relationship with the community." Targets for the bugs include Netflix website, API, help centre and mobile applications for iOS and Android. A focus on cross-site scripting(XSS) bugs, remote code execution,  business logic flaws, SQL injections and API vulnerabilities among others are also encouraged.

The company's new public program is on Bugcrowd platform. The platform allows any registered hackers to scour Netflix's vast mobile, cloud and software platform for minor and critical bugs. According to Bugcrowd, the typical bounty payout is $1,086.

Researchers can earn between $100 and $15,000 per bounty, depending on the severity of the flaw.

netflix security