Food delivery platform Zomato, on July 8, raised the reward on its bug bounty programme, and a person can win as much as $4,000 (nearly 3 lakh) if they find a vulnerability in the company's app or website.

"The Zomato Bug Bounty Program is a crucial part of our security efforts and we hope that this improvement will further motivate the hacker community. Thank you for your contribution to our program so far and we look forward to your reports!" the company said in a statement available on HackerOne.



Starting today, we’re increasing the rewards for @zomato's bug bounty program: $4,000 for critical, $2000 for high, and so on. We welcome your participation and look forward to your reports! Happy Hacking :) Find more details here: https://t.co/OSvNH1q6Mm

— Yash Sodha (@y_sodha) July 8, 2021

The statement was tweeted by Yash Sodha, a security engineer at Zomato.

Zomato will use the Common Vulnerability Scoring System (CVSS) to assess the severity of vulnerability, based on which the final reward will be calculated.

A critical vulnerability with CVSS 10.0 will be awarded $4,000, while a vulnerability with CVSS 9.5 will be awarded $3,000. Check the full table with the details of the rewards here.

Zomato's bug bounty programme requires two-factor authentication enabled to participate in.