FireEye has announced that it is extending its private bug-bounty program to the public. The expanded program, like its predecessors, will be run in partnership with Bugcrowd.
The newly expanded program covers a variety of FireEye corporate infrastructure entities. There are a number of services and programs considered out of bounds; those are listed in the program's description page at Bugcrowd.
Anyone with credentials on the Bugcrowd platform can submit vulnerabilities to the program, which will pay a bounty of $50 to $2,500 depending on the bug's severity and potential impact.
Researchers who wish not to be compensated for their vulnerability reports can continue to submit them through the FireEye Responsible Disclosure program, which is also managed by Bugcrowd.
For more, read here