Expanding our Bug Bounty Program

Co-authors: Ameen Maali and Surbhi Jain

At LinkedIn, our security team strives to provide a safe and secure experience for our 830M members and customers by quickly addressing security vulnerabilities, constantly improving our defenses, and safeguarding our product development process. Since 2014, our private bug bounty program with HackerOne, which connects businesses with cybersecurity researchers, has been a key part of our product security efforts having awarded more than $250,000 across nearly 500 submissions covering the LinkedIn member platform and mobile applications.

Because of the program’s success, we have decided to make the program public and expand participation to anyone wanting to report potential security vulnerabilities. Depending on the severity of the issue, LinkedIn will award a bounty of up to $15,000. Additional information on the scope of the public program can be found on our policy page.