Bug bounty program 2021: Guide for bug bounty hunters to the best September offers
Bug bounty program 2021: A bug bounty program is the best way for a company to improve its security, courtesy bug bounty hunters. We list here the bug bounty program 2021 - September.
Bug bounty program 2021: Bug bounties are the best way for companies to improve the security of their apps and services as well as identify and fix flaws. When companies rely solely on internal testing to find security flaws, it can leave gaping security holes open for malicious hackers and cybercriminals. With a bug bounty program, large companies like Facebook and Google, as well as smaller companies, can invite bug bounty hunters, or ethical hackers, with the technical know-how to try and compromise their systems and then disclose their findings in a responsible manner for a considerable amount of money. Yes, Facebook and Google bug bounty programs are very much in existence despite the fact that they are mega corporations with hundreds of thousands of employees.
There are many notable successes derived from a bug bounty program. Among these are the flaw discovered in OkCupid by a Brave browser engineer, a weakness with Bumble's systems that could be exploited to reveal users addresses and show where they had been, as reported by The Daily Swig. Many bug bounty hunters also find and help fix flaws in massive open source projects like the Google Chromium browser, where a programmer netted $15,000 for reporting a serious security flaw.
Also read: Looking for a smartphone? Check Mobile Finder here.
If you're a budding bug bounty hunter or expert with a knack for identifying security flaws in software and want to help your favourite apps and services become more secure, here's a handy guide to the best bug bounty program 2021 - September.
Cardano Foundation: This Swiss non-profit is offering a bug bounty of $10,000 via HackerOne for critical bugs that are identified in its systems that could result in remote code execution and the leakage of sensitive information, or tampering with transactions. However, more serious security flaws will be awarded with higher payouts and the vulnerabilities must affect Cardano-Node and Cardano-Wallet.
The Graph Foundation: If a user is able to find a security flaw among a wide list of vulnerabilities, they can gain various payouts of up to $2.5 million via the company's bug bounty program via Immunefi. They will need to find flaws with The Graph, which is an indexing protocol for querying networks like the IPFS protocol and Ethereum.
UAE National Cyber Security Council: Hosted independently without any platform, the UAE National Cyber Security Council (NCSC) bug bounty program is inviting researchers to find security flaws in its national infrastructure which includes telecommunications. Participants will have to work with the Emirates Integrated Telecommunications Company and Etisalat, according to the report.
Elastic: Offering a payout of up to $7,000 for finding security flaws with its services, Elastic is seeking researchers efforts to find flaws with its Kibana, Beats and Logstash products as part of its bug bounty program. Interestingly, the source code for these apps is currently available, so users should be able to start looking for flaws right away.
Follow HT Tech for the latest tech news and reviews , also keep up with us on Twitter, Facebook, Google News, and Instagram. For our latest videos, subscribe to our YouTube channel.