Introducing Lightspark's Public Bug Bounty Program

We're excited to announce the public launch of Lightspark's Bug Bounty Program on the HackerOne platform! Lightspark has been working with HackerOne to ensure the highest standards of security and responsible disclosure, and today, we're taking a major step forward by opening the program to the global researcher community. Read the message below to learn more about Lightspark's program details and how you can help keep Lightspark secure!
Expanding Our Bug Bounty Program
At Lightspark, we’ve always been focused on security that meets and exceeds industry standards. We’ve been partnering with HackerOne, the global leader in ethical hacking and human-powered security, on our bug bounty program. Today we’re announcing that we’re ramping up the scale of this reporting and sharing our bug bounty program publicly. We’ve already invited a few security researchers and white hat hackers to pressure test our offerings and collect bug reports - which has been so useful - but now we are formalizing our approach.
Details on the Program
Our rewards are based on severity. Hackers reporting vulnerabilities will receive the following payout levels (at Lightspark’s discretion), based on the tier of the vulnerability:
- Low - $150
- Medium - $750
- High - $2000
- Critical - $5000
Hackers can report bugs on any facet of Lightspark, whether it’s our APIs, open source software, or website. We’re committed to meeting our response targets for hackers participating in our program, and we’ll keep everyone informed about our progress.
We help our customers deliver Internet payments at scale and improve the financial system for everyone. Our customers rely on us to provide secure, enterprise-grade Lightning payment services. This update to our expanded bug bounty program demonstrates the importance of and our commitment to security in our services.
We’re excited to work with the community and are looking forward to feedback. For more details on the Lightspark Bug Bounty Program, please visit hackerone.com/lightspark_bbp.
The 8th Annual Hacker-Powered Security Report
