Reddit is taking its bug bounty program public


Reddit has announced that it will be taking its bug bounty program public after running it privately with HackerOne for the past three years.

In a post on the news aggregator and discussion forum's site, the company's security wizard Spencer Koch provided more details on the success of its bug bounty program so far, saying:

“This program has allowed us to quickly address vulnerabilities, improve our defenses, and help keep our platform secure alongside our own teams’ efforts. We’ve also seen great engagement and success to date, having awarded $140,000 in bounties across 300 reports covering the main reddit.com platform, which worked well for our limited scope during the private program.”

Now though, Reddit plans to expand the scope of the program to help improve the security of its site as well as its mobile apps.

Public bug bounty program

In an interview with HackerOne, Koch explained that Reddit started its security team back in 2018 after formalizing its private bug bounty program. This was also the same year the site was hacked and the personal data of some users was exposed in a data breach.

According to Koch, Reddit's security team performs an initial triage to gauge the severity of a bug after a vulnerability is reported. However, sometimes the company allows HackerOne's triage service to do the initial screening, reproduction information gathering and sanity check before its senior security engineers take a look at a bug.

Now that Reddit's bug bounty program is open to the public, any security researcher or white hat hacker can look for bugs on the platform. Once a bug is found, they can earn $100 for low-severity bugs, $500 for medium ones, $5,000 for high ones and $10,000 for discovering a critical vulnerability.

Those interested in hunting for bugs on Reddit can find more information on its bug bounty program here, including the program terms, severity determination and which vulnerabilities are out of scope for the program.

Via SC Magazine

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 
