When I help companies to fix security issues I do not ask anything in return.
I come across a security issue on Mixpanel when auditing private client on Cobalt.io and I send to Mixpanel a little security advisory describing a Reflected Filename Download vulnerability with a couple of screenshots.
Mixpanel security team fixed the vulnerability very fast showing that they care about security.
Also they were nice enough to send me a very cool tshirt.
Sometimes helping others has it’s benefits 🙂