Bug Bounty Programs Turn Attention to Data Abuse

More companies – particularly social media firms – may follow Facebook’s footsteps in turning to bug bounty programs to scout out any data privacy abuse on their platforms, experts say.

Bug bounty payouts double in 2018; India reports the most bugs while U.S. wins highest payouts

Some of the biggest players in various industries have turned to the crowdsourced security model – white hat-driven bug bounty programs – in a race to identify emerging vulnerabilities before the black hats do. The crowdsourced security mod…

Uber updates bug bounty program, adds bonus for proof-of-concept (POC)

Ridesharing service Uber has announced some changes to its bug bounty program, including a new set of terms and conditions, as well as new monetization opportunities for white hatters. First off, some stats. Since August 2017, Uber has rewarded ethical…

Does Your Bug Bounty Program Need an Overhaul?

They’ve become mainstream, but bug bounty programs are vast, varied and complicated. When bugs proliferate, there’s potential for an infestation problem that needs to be fumigated. Over the past few years, bug bounty programs have become a popular solu…

Amid Cambridge Analytica scandal, Facebook launches Data Abuse Bounty program

In light of the Cambridge Analytica fiasco, Facebook this week launched a bounty program to reward people who report misuse of data by developers and services integrated with the social network. The Data Abuse Bounty, inspired by the company’s ex…

New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown

Microsoft is looking to target new speculative execution side channel vulnerabilities – similar to Spectre and Meltdown – with a new bug bounty program.

Bugcrowd raises $26 million in latest funding round

The expansion of the bug-bounty industry continues as Bugcrowd announced Thursday that it is bringing in $26 million in its latest round of venture capital funding. The San Francisco-based company has seen consistent growth since its inception in 2012. It says that in the last quarter alone, it grew its base of commercial and Fortune 500 customers, opened new offices in London and Sydney and added to its leadership team. Bugcrowd has now raised about $50 million in venture capital funding. The Series C funding was led by Triangle Peak Partners, a venture capital firm that focuses on software and security. Triangle Peak’s president and co-founder, Dain DeGroff, will also be joining Bugcrowd’s board of directors. “Bugcrowd has built a successful business model addressing a growing and critical need,” DeGroff said in a press release. “Their deep relationships with the researcher community and expertise managing crowdsourced programs make Bugcrowd a strategic asset […]

The post Bugcrowd raises $26 million in latest funding round appeared first on Cyberscoop.

Google paid $2.9 million in bug bounties in 2017

Google paid out $2.9 million in bug bounties to 274 security researchers in 2017, the company said. The tech giant has paid nearly $12 million in total since the bug bounty program launched in November 2010. The 2017 total was divided up with Android and Google products awarding $1.1 million each, and the rest came from Google Chrome bounties, the company said Wednesday. There were 1,230 bounties to researchers from 60 countries, and the biggest reward was $125,00, which was awarded more than 50 times, Google said. The $2.9 million total is slightly down from 2016’s high of $3 million in bounties paid. After receiving zero successful submissions for any Android remote exploit chain, Google raised the bounty on that kind of bug to $200,000. That’s likely lower than the offensive market will pay for such a bug, but it’s an exceptionally high reward as far as defensive bug bounty programs go. […]

The post Google paid $2.9 million in bug bounties in 2017 appeared first on Cyberscoop.
