Grafana Labs has launched its own bug bounty program to harness the expertise of ethical hackers globally for identifying and responsibly reporting security vulnerabilities in its software. Managed internally to foster stronger relationships with researchers, the program emphasizes speed, transparency, and fair compensation as its core principles. Grafana Labs aims to offer a prompt experience with responses and triages within one to two business days, and payments via the trusted platform Initigriti. The program is hosted on GitHub for transparency, where any changes to scope and terms are publicly recorded, and researchers are not required to sign non-disclosure agreements, allowing them to freely discuss their findings post-release. Grafana Labs, a CVE Numbering Authority, is committed to rewarding high-quality reports with top-tier payouts and bonuses, aiming to strengthen the overall security of its open-source projects and other products. The company encourages continuous engagement from the security community, inviting them to check the program's scope for updates and contribute to its success.