“Most major companies such as Microsoft, Google and Facebook have these types of programs. In fact, Collin Greene, who helped developed this program for Uber previously worked at Facebook with HackerOne CTO Alex Rice helping set up a similar program there — it’s a small world after all.
Uber’s program has several unique components. First of all, it’s trying to be as direct as possible with researchers when it comes to ground rules and payments. Greene says one of the issues that researchers/hackers have with these programs is that the payment system can be capricious. Someone finds a bug and a negotiation commences over how valuable it its.
He says that this program is going to be crystal clear about what Uber will pay, offering up to $10,000 for a critical bug.”