



In effort to make the social media website bug free the company has now launched an official bug bounty program , and updated its responsible disclosure statement





According to the bounty program policy, Pinterest is now only giving Hall-of-Fame to the researcher and some reports are also eligible for “swag” (i.e., a shirt).





Regarding the bounty policy, Moreno has also says-

"As we gather feedback from the community, we have plans to turn the bug bounty into a paid program, so we can reward experts for their efforts with cash."

Image-based social network Pinterest has launched a bug bounty program powered by the crowdsourced-driven vulnerability disclosure platform Bugcrowd. Pinterest security engineer,, have announced the program on blog post, which says-“We hope these updates will allow us to learn more from the security community and respond faster to Whitehats,”.Means in future Pinterest can pay to the researcher for their vulnerability reports.The bounty program is valid for the main website (www.pinterest.com) along with the following subdomains: api.pinterest.com, about.pinterest.com, business.pinterest.com, blog.pinterest.com, help.pinterest.com, developers.pinterest.com and engineering.pinterest.com.Researcher can report the vulnerability via Bugcrowd to be eligible for the reward. Pinterest asked the researcher to give a reasonable amount of time to come up with a fix before making any information public, and avoid unauthorized data access and service disruption while conducting tests.