Microsoft You do not have permission to view the full content of this post.Log in or register now. last year with $2 million in bug bounty payouts, after which it stopped releasing information about individual bounties besides the amounts and case severity. But the largest bounty awarded to a single person that we know of is Vasilis Pappas, who received $200,000 in 2012 when he was a Columbia University PhD student. Pappas submitted solutions for a Return-Oriented Programming problem that häçkers used to get around security controls, and created kBouncer, a program that mitigates anything that looks like ROP.