sb-nz logo
Story image

Kaspersky Labs offers $50,000 'bug bounty' to security researchers

02 Aug 2016

Security researchers Kaspersky Lab and bug bounty platform Hacker One are co-launching a Bug Bounty Program that offers $50,000 in bounty rewards to eagle-eyed security researchers who find and disclose security vulnerabilities to companies.

“Vulnerabilities are inevitable and bug bounty programs are proven to supplement traditional security best practices with the help of the incredibly diverse global hacker community. We look forward to partnering with Kaspersky Lab to help them run the most competitive bug bounty program and continue to protect customers," says Alex Rice, CTO and co-founder of HackerOne.

The Kaspersky Lab bug bounty program begins today and will last for six months. Bug bounty hunters will 'examine our flagship products for consumers and enterprises, Kaspersky Internet Security and Kaspersky Endpoint Security', the company states.

Kaspersky Labs will then analyse results to find out what additional features should be included in the second phase of its program.

Kaspersky Lab says the use of bug bounty programs are effective incentives to get external researchers to speak up about bugs and fix them without putting customers at risk. The company also hopes to learn from the exercise, with plans to further develop relationships with security researchers as well as strengthening its own mitigation strategies.

“Our bug bounty program will help amplify the current internal and external mitigation measures we use to continuously improve the resiliency of our products. We think it’s time for all security companies, large and small, to work more closely with external security researchers by embracing bug bounty programs as an effective and necessary tool to help keep their products secure and their customers protected," says Nikita Shvetsov, chief technology officer, Kaspersky Lab.

Find out more about the program's scope, eligibility, rewards, exceptions and rules here

Story image
Interview: How cyber hygiene supports security culture - ThreatQuotient
We spoke with ThreatQuotient’s APJC regional director Anthony Stitt to dig deeper into cyber hygiene, security culture, threat intelligence, and the tools that support them.More
Story image
SOC as a Service: Fortinet’s answer to today’s network challenges
Jon McGettigan, Fortinet A/NZ Regional Director, explains how SOC as a Service can back up your current SOC team, fast-track deployments and ensure regulatory compliance.More
Story image
Average person has 100 passwords - study
The average user has about 25% more passwords compared to earlier this year.More
Story image
BlackBerry partners with ServiceNow for incident response management
BlackBerry has announced it has entered into a partnership with ServiceNow to integrate the BlackBerry AtHoc service within the Now platform for rapid crisis communications and IT service management. More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Video: 10 Minute IT Jams - Who is LogRhythm?
LogRhythm VP of sales for Asia Pacific Simon Howe, who discusses the company's primary offerings and services, what products the company is focused on for the future, and the infrastructure it has in the A/NZ market.More