Winning bug bounties with no bounty program - my unconventional journey in cybersecurity

When i started my cybersecurity journey, I found out a critical flaw using open source chromium software in a major website but didnt know how to report it

The website had no bug bounty program in place

I want to talk out my detail journey including the hurdles, communicating the security flaw responsibly, contacting the company owners which ultimately lead them to start the bug bounty program actively in place

I was also awarded 10000 INR for this which was the highest for their quota

I want to share my unconventional journey and experience with important things everyone should keep in mind during bug bounty hunting including how to reach out to companies who might not be taking cybersecurity serioursly