Today, we are announcing that Shopify has paid out over $1 million USD since launching our bug bounty program, helping protect more than 800,000 businesses worldwide.
Our bug bounty program takes the most significant parts of our product offering and makes them securely available to thousands of security researchers who proactively discover potential vulnerabilities and ensure that businesses on Shopify have the most secure platform.
On top of this, we are dedicated to publicly disclosing all vulnerability reports discovered through our program to propel industry learnings and we strongly encourage other companies to do the same. Investing in ethical hacking practices and sharing those discoveries is one way we’re driving the future of commerce.
For more information, please read One Million Dollars in Bounties on our Engineering Blog.