Bug bounties should be used more widely in an internet of things (IoT) sector that’s notorious for treating security as an afterthought, a new academic study suggests.
New research has revealed that four major data breaches – which cost over £265m in damages cumulatively, could have been prevented for as little as £9600 (collectively) with the use of bug bounty programs.
Microsoft has announced a bug bounty program for its open-source election software ElectionGuard, allowing researchers to uncover vulnerabilities and help bolster election security.
The tech giant will also be paying hackers who can find security flaws in its Portal device and in the Oculus Quest.
An eighth iteration of the Pentagon’s bug bounty program discovered a critical vulnerability in Department of Defense systems.
A Bug bounty program is also known as vulnerability rewards program (VRP) is the one where security researchers can disclose vulnerabilities and can receive recognition and compensation for reporting bugs.
The Libra Association rolls out Libra Bug Bounty Program, offering up to $10,000 for uncovering critical blockchain security issues underlying the unreleased cryptocurrency.
Facebook will start rewarding security researchers who report data abuse happening on Instagram, the company has announced. This is an expansion of Facebook’s Data Abuse Bounty program, which it introduced in April 2018.
Microsoft and Apple have both leveled up their bug bounty programs with new incentives for security researchers.
The Singapore Government has announced a new short-term bug bounty program to for external hackers to find vulnerabilities in nine key government-run websites.