Storage service Dropbox has launched a bug bounty programme to encourage security researchers to pick holes in its products.
Bug bounties are seen as a cost-effective way to detect and fix flaws in online services that might otherwise suffer major financial and reputational damage in the event of a security breach. Bounties for the early detection of potentially serious flaws have been as high as $100,000.
Dropbox already rewards people whose research it has acted on by putting them on a wall of fame that it shares online. Now these bug hunters will be entitled to a financial reward, with the company having already paid out $10,475.
"Protecting the privacy and security of our users' information is a top priority for us at Dropbox. In addition to hiring world-class experts, we believe it's important to get all the help we can from the security research community, too," explained Devdatta Akhawe, a Dropbox security engineer.
"That's why we're excited to announce that starting today, we'll be recognizing security researchers for their effort through a bug bounty programme with HackerOne."
"These programmes provide an incentive for researchers to responsibly disclose software bugs, centralise reporting streams, and ultimately allow security teams to leverage the external community to help keep users safe."
Dropbox bounties start at $216, with the biggest so far being $4,913, but there is no upper cap set by the firm.
The rewards cover any bugs found in Dropbox, Carousel, Mailbox iOS and Android applications and equivalent web versions, the Dropbox desktop client and the Dropbox Core SDK.
Dropbox said that the bounty programme is part of its "commitment to privacy".
This is another step in our commitment to security and privacy," said Akhawe. "We look forward to working with security researchers and awarding them for their contributions to the security of all Dropbox users."
Open source solutions provider makes acquisition in bid to shore up cloud development tools business
Aims to "end data bottlenecks"
Looking to boost your career in IT? Here are the best-earning roles out there!
The BlackBerry KeyOne is a strange device that brings the best of BlackBerry and Android together in a Qwerty-equipped package, but it won't be for everyone