Zoom paid $1.8 mn under bug bounty program on HackerOne’s platform

Video conferencing platform Zoom has awarded $1.8 million to researchers who submitted bug bounty reports over 2021 — on HackerOne’s platform.
Zoom video conferencing app
The invitation-only private bug bounty program allows companies to hand-pick security researchers, based on their previous work.

“While Zoom tests our solutions and infrastructure every day, we know it is important to augment this testing by tapping the ethical hacker community to help identify edge-case vulnerabilities that may only be detectable under certain use cases and circumstances,” the company said in a statement.

“That is why Zoom has invested in a skilled, global team of security researchers via a private bug bounty program on HackerOne’s platform, which is the industry’s leading provider for recruiting and engaging with security-focused professionals.”

HackerOne calculates statistics for each researcher based on their signal-to-noise ratio, impact on the programs they have contributed to, and reputation.

Zoom said it has recruited over 800 security researchers on the HackerOne platform and their collective work has resulted in the submission of numerous bug reports, and awards of over $2.4 million in bounty payments, swag and gifts since the program was introduced.