In July, the Shopify Bug Bounty Program on HackerOne: - Closed 207 reports vs 225 in June - Awarded $44,500 vs $27,000 in June - Got reports from 122 hackers vs 102 in June - First responded within 32, triaged within 84, bounty within 244 hours

Can't wait for Shopify to award some bounties today :) Also, huge shoutout to Ray Duran and PayPal for chatting with us about how they approach paying bounties based on CVSS. Our calculator was developed because they shared their code with us! Sharing is caring :)

In September, the Shopify Bug Bounty Program on HackerOne: - Closed 422 reports vs 273 in August - Awarded $62,000 vs $24,000 in August - Got reports from 254 hackers vs 156 in August - First responded within 19, triaged within 55, bounty within 124 hours

The experiment paying our HackerOne bug bounties with our calculator shopify.github.io/appsec/cvss_ca… was such a success that we made the decision early—we're sticking with it! Hackers were happier, bounty discussions were easier and bounty amounts were more consistent. Happy hacking!

Are you an aspiring or active member of the Ruby community and looking for a chance to 🎟️ win a free ticket 🎟️ to #RubyConf2020? Learn how to apply and submit your entry here ⬇️. Contest closes on Nov 10th at 11:59 PM ET cc mike dalessio docs.google.com/forms/d/e/1FAI…

In November, the Shopify Bug Bounty Program on HackerOne: - Closed 259 reports vs 330 in Oct - Awarded $32,900 vs $38,200 in Oct - Got reports from 126 hackers vs 169 in Oct - First responded within 23, triaged within 40, bounty within 100 hours

In 2020, we received bug bounty reports from hundreds of hackers but 3 stood out. As a thank you, we awarded Ron Chan, h13- and Francis Beaudoin a $1K bonus, recorded personal Thank Yous and are sending swag. We can't wait to see what the new year brings.

In December, the Shopify Bug Bounty Program on HackerOne: - Closed 209 reports vs 259 in Nov - Awarded $47,600 vs $32,900 in Nov - Got reports from 110 hackers vs 126 in Nov - First responded within 21, triaged within 23, bounty within 140 hours

Most of my public presentation slides are on GitHub now! github.com/orangetw/My-Pr…

Updates on Shopify’s Bug Bounty Program by Jenn shopify.engineering/shopify-bug-bo…

You can now preorder your badge on our amazing swag shop! And thanks to OKIOK you can have it shipped for free! What are you waiting for? It’s here: shop.nsec.io

Have you heard about Hack Days? A few times per year here we take a break from our regular work and everyone in the company is encouraged to work on ANY project they want – as long as it adds value to Shopify. What would you work on?

Looking forward to speaking at #SecurityAt tomorrow! Tune in to chat about hacker-powered security in commerce. 🛍 Register here: ow.ly/ngaT50G2Gz4

Hey, everyone! This is a great opportunity to snag a free ticket to the biggest cybersecurity conference in the US. Don't miss out on your chance to win! #RSAC22

📣 Announcement for all of our AppSec aficionados: we're doubling our maximum HackerOne bug bounty payouts to $100,000 in 2022! Read even more in our latest Bug Bounty program updates and 2021 year-in-review 👉 bit.ly/3K2YdoV

passing on someone else’s reminder: might want to check if you have any accounts where your only way to log in is through twitter authentication

Sweet, this will be useful

10 years! Check out the CTF if you’re attending. Hoping to see some familiar faces later today. :)