

Mozilla's $10,000 Security Bug Bounty for Certificate Verification - cpeterso
https://blog.mozilla.org/security/2014/04/24/10000-security-bug-bounty-for-certificate-verification/

======
chrisrohlf
In my experience, bug bounties are most effective when targeted at a specific
component of an application. You get less of a gold rush mentality for simple
issues that existing toolsets (such as fuzzers) can find.

