Security firm iDefense recently awarded $39,000 to researchers as part of its Vulnerability Contributor Program that rewards bounties for bugs.
The payouts, the first since the Reston, Va.-based security intelligence firm announced larger awards and a loyalty program in July, gave $9,000 to three vulnerability contributors for the third quarter, and $30,000 for the top five bug hunters during the past 12 months.
iDefense is one of the few security firms to pay cash for vulnerabilities. Another is TippingPoint, owned by 3com.
One researcher walked away with $13,000 of iDefense's cash awards, while two others received $8,000 and $7,000, respectively. Most of the bounty hunters remained anonymous.
iDefense announced the awards in a message to the Full Disclosure security mailing list.