Blog Security Why 2022 was a record-breaking year in bug bounty awards
2022-12-19
1 min read

Why 2022 was a record-breaking year in bug bounty awards

Find out about the researchers who together earned more than $1 million USD in prizes and their bug hunting contributions.

inside-gitLab-public-bug-bounty-program.png
nmalcolm-headshot Nick Malcolm
security bug bounty community

Each year, GitLab's Application Security team likes to recap the highlights from GitLab's bug bounty program.

It's been a busy 2022 for security teams across the industry, and we have been fortunate to receive a huge number of excellent reports that help us keep GitLab and its customers secure. With the increase we made to our bug bounty award amounts in November 2021 and increased researcher engagement, we've broken a new record by awarding over $1 million USD in bounties during 2022!

We wouldn't be where we are without the collaboration of our bug bounty community, and we consider these awards as hugely beneficial and money well spent.

2022 by the numbers

<!

More to explore

View all blog posts
Security
securitycheck.png

Tips to configure browser-based DAST scans

Security
securitycheck.png

Enterprise-scale security and compliance policy management in the AI era

Security
securityscreen.jpg

GitLab’s response to a high severity vulnerability impacting curl and libcurl

We want to hear from you

Enjoyed reading this blog post or have questions or feedback? Share your thoughts by creating a new topic in the GitLab community forum. Share your feedback

Ready to get started?

See what your team could do with a unified DevSecOps Platform.

Get free trial

New to GitLab and not sure where to start?

Get started guide

Learn about what GitLab can do for your team

Talk to an expert