Cloudflare Launches Public Bug Bounty Program

Feb 2, 2022 | News

Cloudflare on Tuesday added a public bug bounty program, the vendor’s first such initiative since the cloud security company started its bug bounty program in 2014.

In a Feb. 1 blog post, the company said the first iteration of its bug bounty program was pure vulnerability disclosure without cash bounties. In 2018, Cloudflare added a private bounty program, but now anyone interested can report bugs related to Cloudflare products on its public site hosted on HackerOne’s platform.


“Bug bounties have their merit in the cybersecurity field, but they still fall into the category of focusing efforts post-deployment and being reactive”, said Archie Agarwal, founder and CEO at ThreatModeler.

Read the full article here

If you’d like to learn more about ThreatModeler’s capabilities, you can contact us here.