Frequently Asked Questions
Does Amazon have a bug bounty?
Yes, Amazon has a bug bounty program. Launched in 2021, the Amazon bug bounty program provides ethical hackers with a way to earn rewards for identifying vulnerabilities. For more information on Amazon’s bug bounty, please visit HackerOne.
How much does Amazon pay for bug bounty?
On average, researchers earn $4,500 for resolving a report on the Amazon bug bounty program. Factors such as severity of the vulnerability and its impact on user data can affect payout amount. For example, critical issues could result in payouts of up to $20,000.
Does AWS have a bug bounty program?
Unfortunately, Amazon Web Services (AWS) is not considered in scope as part of Amazon’s Bug Bounty Program. For vulnerabilities related to AWS, please visit the AWS Vulnerability Reporting page.