EU launches bug bounty programs for five open source solutions

The European Union is, once again, calling on bug hunters to delve into specific open source software and report bugs. This time around, the list of software that should be probed for weaknesses includes: LibreOffice – a free office suite Mastodo…

5 Things New with Bug Bounty Programs

On September 29, HackerOne announced the latest version of its Internet Bug Bounty (IBB) program. This initiative helped to coordinate the discovery of more than 1,000 security weaknesses in open-source software between 2013 and 2021. HackerOne’s latest version aims to expand the reach of the program even further by pooling defenses from existing bug bounties, […]

The post 5 Things New with Bug Bounty Programs appeared first on Security Intelligence.


The DHS is inviting hackers to break into its systems, but there are rules of engagement

The United States Department of Homeland Security (DHS) is inviting security researchers to uncover vulnerabilities and hack into its systems, in an attempt to better protect itself from malicious attacks.

Read more in my article on the Tripwire Sta…

DHS establishes its own bug bounty program, offering outsiders $500 to $5K for discovering flaws

The Homeland Security Department is launching a bug bounty program to invite researchers to probe its systems for flaws, DHS Secretary Alejandro Mayorkas said Tuesday. Under the “Hack DHS” initiative Mayorkas discussed at the Bloomberg Technology Summit, ethical hackers would receive between $500 and $5,000 for identifying vulnerabilities, depending on their severity. The department would verify flaws within 48 hours and fix them within 15 days, or for complex bugs, develop a plan to do so during that period. “We’re focused not only on protecting and enhancing the cybersecurity of the private sector and of the federal government at large but, of course, we as a department have to lead by example and so what we are very focused on is identifying vulnerabilities and addressing or remediating those vulnerabilities,” Mayorkas said. DHS is later to the bug bounty trend than some other federal agencies, with the Defense Department initiating its […]

The post DHS establishes its own bug bounty program, offering outsiders $500 to $5K for discovering flaws appeared first on CyberScoop.


Hacker-powered pentests gaining momentum

Hackers have reported over 66,000 valid vulnerabilities this year – over 20% more than 2020 – with hacker-powered pentests seeing a 264% increase in reported vulnerabilities, HackerOne has announced. Pandemic-led digital transformation and …