Over 400 million users are protected by Kaspersky Lab technologies. To further bolster its mitigation strategy for addressing inherent software vulnerabilities, and continue enhancing its relationship with external security researchers, the cybersecurity firm is launching a bug bounty programme with HackerOne.
Bug bounty programmes are an effective and proven security measure that incentivises external researchers to safely find and disclose software vulnerabilities to companies. As a result, these organisations are able to fix the reported issues without placing customers at risk.
US$50,000 in bounty rewards
The first phase of the Kaspersky Lab bug bounty programme begins in August 2016 and last for a six-month period. During this time, Kaspersky Lab will offer a total of US$50,000 in bounty rewards to security researchers.
Bug bounty participants will examine the firm’s flagship products for consumers and enterprises, Kaspersky Internet Security and Kaspersky Endpoint Security. After the preliminary phase is complete, the company will evaluate the results to determine what additional products and rewards should be included in the second phase of its bounty programme.
Working with external security researchers
“Our bug bounty programme will help amplify the current internal and external mitigation measures we use to continuously improve the resiliency of our products,” said Nikita Shvetsov, Chief Technology Officer, Kaspersky Lab. “We think it’s time for all security companies, large and small, to work more closely with external security researchers by embracing bug bounty programmes as an effective and necessary tool to help keep their products secure and their customers protected.”
“Vulnerabilities are inevitable and bug bounty programmes are proven to supplement traditional security best practices with the help of the incredibly diverse global hacker community,” said Alex Rice, CTO and co-founder, HackerOne. “We look forward to partnering with Kaspersky Lab to help them run the most competitive bug bounty programme and continue to protect customers.”
Edited from press release by Cecilia Rehn.