Reddit has launched a public bug bounty program, an acknowledgment of its increased growth and visibility.
Bug bounty programs are a popular method of tackling cybersecurity issues. Many of the world’s largest companies rely on the programs to find and address bugs and security vulnerabilities before bad actors can exploit them.
Reddit has maintained a private program with HackerOne for the last three years, but the company is taking the next step and making it public.
With our continued growth and visibility, we’re now ready to make the program public and expand the participation to anyone wanting to make a meaningful security impact on Reddit. As we scale the program, our priority will remain focused on protecting the privacy of our user data and identities. We know each security researcher has their own skills and perspective that they bring to the program, and we encourage anyone to submit a report that shows security impact. We’re super excited to hit this milestone and have prepared our team for what’s to come.