| Home : November 10 2013 Computer News : Shared bug bounty program praised by security researchers |
|
Shared bug bounty program praised by security researchers |
November 10, 2013
Facebook and Microsoft are winning plaudits from security researchers for launching an initiative to offer bounties to bug hunters who discover and report vulnerabilities in widely used products.
Unlike other bug bounty programs, the program announced this week by the duo is not vendor-specific. Rather it will reward bug hunters for vulnerabilities they discover in a range of technologies that includes Python, Perl, PHP, Ruby on Rails, and Django, Apache and Nginx Web. Also covered are technologies such as the application sandbox mechanisms in Internet Explorer 10, Google Chrome, and Adobe Reader.
A website set up under the program allows bug hunters to report vulnerabilities and connect them with response teams capable of addressing the bugs. The site spells out the vulnerability disclosure guidelines, specific disclosure timelines and processes that security researchers must follow to qualify for a reward.
The Internet Bug Bounty program aims to reward security research in areas that will ultimately make the Web more secure overall, according to Facebook and Microsoft.
To read this article in full or to leave a comment, please click here
Link: http://www.pcworld.com/article/2061978/shared-bug-bounty-program-praised-by-security-researchers.html#tk.rss_all
|
|
|
|
|
