About bug bounty programs

According to Schneier on Security, recent research shows that bug bounty programs may be used to buy silence. That means some companies expect the researchers to be silent about their vulnerabilities in exchange for a payout.