subscribe: Daily Newsletter

 

Kaspersky Lab extends Bug Bounty Program

0 comments

Kaspersky Lab has announced the extension of its Bug Bounty Program, which encourages qualified individuals and organisations to submit reports on vulnerabilities and bugs found in its products.
Initially launched in August 2016, in partnership with leading bug bounty platform provider HackerOne, the program has been successful in uncovering at least 20 bugs in six months. As a result, the program has been extended with increased rewards for security researchers that discover remote code execution bugs.
Under the initial Bug Bounty Program, researchers were asked to examine Kaspersky Lab’s flagship products for consumers and enterprise, Kaspersky Internet Security 2017 and Kaspersky Endpoint Security 10. The second phase of the program adds Kaspersky Password Manager 8 to the scope of the initiative. As an additional incentive, Kaspersky Lab has also increased the rewards for remote code execution bugs from $2 000 to $5 000.
With today’s increasingly complex security landscape, bug bounty programs are an effective way for security companies to incentivise external researchers to safely find software vulnerabilities. This strategy aids the continuous development of effective tools that provide the most effective level of protection for customers.
Nikita Shvetsov, chief technology officer at Kaspersky Lab, comments: “The security of our customers is our priority. That is why we take independent research into our products very seriously and apply its results to constantly improve our best-in-class technologies. Since August, it is fair to say that our Bug Bounty Program has been successful in optimising our internal and external mitigation measures to continuously improve the resiliency of our products.
“That’s why we’ve decided to extend it. We appreciate the enthusiastic participation of security researchers worldwide. As a mark of our respect for the work they do in helping us to bolster our solutions, we’ve increased the remuneration on offer in this second phase of the program and extended the scope to include other important Kaspersky Lab products.”
“Kaspersky Lab is a great example of an organisation that prioritises security at every level,” says Alex Rice, co-founder and chief technology officer at HackerOne. “They recognise the responsibility they have to protect customers — both enterprises and consumers — and are taking every step to ensure vulnerabilities are found and fixed before they can be exploited. The expansion of their program shows their commitment to investing in the global hacker community and ensuring their competitive edge in the security market.”