There is another good news for the vulnerability researcher that a security firm Avast Software, a free antivirus producing company had officially announced the "Bug Bounty Program". Bug Bounty Program encourage the researcher to report security flaws into the system of the company. Avast like to hear security vulnerability form the researcher that happens on their system or on a product.
Bug Bounty Program is intended only for the Avast product, not for the website. In this program following kinds of security flaws on the product can be accepted..
- Remote Code Execution
- Denial of Services (DOS)
- Sandbox Escape
- Local privilege escalation
The reward of the bugs start from $200 to $5,000, depending upload the critical and the issue of the reported bugs. As Remote Code Execution is the most critical flaws on the product or system and hence cost for these bugs will be $3,000 to $5,000 or more than this also.
All the payment of the Bugs will be made by the Paypal accounts.
As Avast point some legal restriction as reasons and refused to accept the bugs report of some countries including Iran, Syria, Cuba, North Korea and Sudan.
Researcher can send their bugs at [email protected]
For more info Visit Avast blog.