Russian IT firm offers rewards to security researchers for finding bugs

Saturday, Aug 06, 2016 07:50

Russian IT security company Kaspersky Lab is offering up to US$50,000 worth of rewards to security researchers under a bug bounty programme. — VNS Photo

HCM CITY (Biz Hub) — Russian IT security company Kaspersky Lab
has launched a bug bounty programme with HackerOne, a bug bounty platform provider, initially offering up to US$50,000 worth of rewards to security researchers.

Bug bounty programmes are an effective and proven security measure that incentivises external researchers to safely find and disclose software vulnerabilities to companies that can then fix them without placing customers at risk.

The first phase of the programme began on August 2 and will last for a six-month period. During this initial phase, the bounty rewards will be available to researchers identifying vulnerabilities in the Russian company's consumer and business products, Kaspersky Internet Security and Kaspersky Endpoint Security.

After the preliminary phase is complete, the company will evaluate the results to determine what additional products and rewards should be included in the second phase.

"Our bug bounty programme will help amplify the current internal and external mitigation measures we use to continuously improve the resiliency of our products," said Nikita Shvetsov, chief technology officer, Kaspersky Lab.

"We think it's time for all security companies, large and small, to work more closely with external security researchers by embracing bug bounty programmes as an effective and necessary tool to help keep their products secure and their customers protected."

Alex Rice, CTO and co-founder, HackerOne, said, "Vulnerabilities are inevitable and bug bounty programmes are proven to supplement traditional security best practices with the help of the incredibly diverse global hacker community." — VNS

Comments (0)

Statistic