Bug Bounty Reward Experience

The author of the post has set up a security.txt file on their organization's website. A cybersecurity researcher (bug bounty hunter) contacted them to ask if there was a reward for reporting vulnerabilities, suggesting they may have identified a potential issue. The organization does not have a reward program in place and is seeking similar experiences to know how to handle this situation.