Pornhub Launches Bug Bounty Program with Maximum Bounty Set at $25K

Posted: 09/05/2016

Pornhub Launches Bug Bounty Program with Maximum Bounty Set at $25K
Leading Online Adult Entertainment Site to Offer Rewards to Security Researchers for Finding Bugs That Help to Ensure the Safety of the Platform

New York, NY (May 10, 2016) – Pornhub, the premier online destination for adult entertainment, announced today the public launch of a bug bounty program through HackerOne, a vulnerability disclosure and bug bounty platform. The program will reward security researchers that find security bugs on Pornhub’s site with bounties as high as $25,000. The public launch of Pornhub’s Bug Bounty Program follows a private, invite-only beta program that the adult entertainment site ran last year, which compensated participants for helping to identify and fix about two dozen bugs.

“Like other major tech players have been doing as of late, we’re tapping some of the most talented security researchers as a proactive and precautionary measure – in addition to our dedicated developer and security teams -- to ensure not only the security of our site but that of our users, which is paramount to us,” said Corey Price, Vice President, Pornhub. “The brand new program provides some of our developer-savvy fans a chance to earn some extra cash – upwards to $25K – and the opportunity to be included in helping to protect and enhance the site for our 60 million daily visitors.”

Pornhub joins a number of technology giants that have recently implemented Bug Bounty programs, including DropBox, Google, Yahoo!, Twitter, Adobe and Twitter. The implementation of such programs continues to gain popularity as many companies are opting for more creative and forward-thinking ways of staying ahead of the next big security vulnerability. By relying on outside forces, they are able to offer an added layer of security to prevent incidents of widespread abuse.

The bounties, which range from $50 to $25,000, are dependent upon the vulnerability reported and are granted entirely at the discretion of Pornhub. To qualify, one must 1) be the first to report a technical security vulnerability, 2) send a clear textual description of the report along with steps to reproduce the vulnerability, 3) include attachments such as screenshots or proof of concept code and 4) disclose the vulnerability report directly and exclusively to Pornhub. The Pornhub security team in turn has 30 days to respond to the report, and up to 90 days to implement a fix based on the severity of the report.

For more information on Pornhub’s Bug Bounty Program, including the scope, eligibility, rewards, exceptions and rules, please visit https://hackerone.com/pornhub.

About Pornhub:
Founded in 2007, Pornhub is the leading free, ad-supported adult video streaming website, offering viewers the opportunity to upload and share their own videos. With over 3 million videos and over 60 million visitors a day, Pornhub truly is the best adult site in the world. Pornhub has built the largest dedicated membership base in the adult community, with over 4 million engaged and loyal members, offering viewers a fun and sophisticated social experience directly in site, complete with messaging, photos, achievement badges and much more.