Latest Kaspersky IT Security Calculator measures business investments in IT security, and benchmarks cybersecurity approaches according to business size, region and sector.Learn more >
Kaspersky Lab has announced the extension of its Bug Bounty Program, which encourages qualified individuals and organizations to submit reports on vulnerabilities and bugs found in its products. Initially launched in August 2016, in partnership with leading bug bounty platform provider HackerOne, the program has been successful in uncovering at least 20 bugs in six months. As a result, the program has been extended with increased rewards for security researchers that discover remote code execution bugs.
Under the initial Bug Bounty Program, researchers were asked to examine Kaspersky Lab’s flagship products for consumers and enterprise, Kaspersky Internet Security 2017 and Kaspersky Endpoint Security 10. The second phase of the program adds Kaspersky Password Manager 8 to the scope of the initiative. As an additional incentive, Kaspersky Lab has also increased the rewards for remote code execution bugs from $2000 to $5000.
With today’s increasingly complex security landscape, bug bounty programs are an effective way for security companies to incentivize external researchers to safely find software vulnerabilities. This strategy aids the continuous development of effective tools that provide the most effective level of protection for customers.
Nikita Shvetsov, Chief Technology Officer at Kaspersky Lab, commented: “The security of our customers is our priority. That is why we take independent research into our products very seriously and apply its results to constantly improve our best-in-class technologies. Since August, it is fair to say that our Bug Bounty Program has been successful in optimising our internal and external mitigation measures to continuously improve the resiliency of our products. That’s why we’ve decided to extend it. We appreciate the enthusiastic participation of security researchers worldwide. As a mark of our respect for the work they do in helping us to bolster our solutions, we’ve increased the remuneration on offer in this second phase of the program and extended the scope to include other important Kaspersky Lab products.”
“Kaspersky Lab is a great example of an organization that prioritizes security at every level,” said Alex Rice, co-founder and CTO at HackerOne. “They recognize the responsibility they have to protect customers — both enterprises and consumers — and are taking every step to ensure vulnerabilities are found and fixed before they can be exploited. The expansion of their program shows their commitment to investing in the global hacker community and ensuring their competitive edge in the security market.”
Further information on the Kaspersky Lab Bug Bounty Program, including details of eligibility, can be found here.
Articles related to Product news
Kaspersky Lab, together with the research agency Opeepl, surveyed 7,740 household pet owners from 15 countries around the world* to find out how modern technologies affect pet safety.Learn more >
With half (48%) of people still failing to protect their mobile devices, and only 22% using anti-theft solutions, pick pocketers that get their hands on a smartphone could be in for more of a treat than even they hope for.Learn more >