Security News
Bug bounty hunting is, at heart, a competitive market, and winner-takes-all is the easiest way for a vendor to avoid the problem of two researchers covertly colluding for extra money. Most bug bounty programs have a rule under which a reasonable timeframe is agreed for fixing the bug.
Sony this week announced the launch of a public PlayStation bug bounty program in partnership with hacker-sourced vulnerability hunting platform HackerOne. Previously, the company ran a private bug bounty with some researchers only, but says that it has come to realize that the research community plays an important role in improving security, and that the newly launched program builds on that realization.
The Defense Advanced Research Projects Agency is running a bug bounty program in an effort to find security vulnerabilities in a new, advanced implementation of the System Security Integration Through Hardware and Firmware program. With the new bug bounty program, DARPA is looking to harden SSITH hardware security protections in development.
HackerOne announced on Wednesday that its bug bounty platform has helped researchers earn more than $100 million since the company started paying hackers in October 2013. The San Francisco-based company reported in late February that it had paid out a total of over $82 million in bounties, $40 million of which was awarded in 2019 alone.
India has open-sourced its Aarogya Setu contact-tracing app and announced a bug bounty programme to detect any security issues. The nation has now decided to open the app and run a bug bounty programme.
India has open-sourced its Aarogya Setu contact-tracing app and announced a bug bounty programme to detect any security issues. The nation has now decided to open the app and run a bug bounty programme.
In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more but these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.
The company has launched a $100,000 bug bounty for people who can break into Azure Sphere, its security system for IoT devices. The latest, the Sphere Security Research Challenge, lets bug hunters talk directly to Microsoft's technical team as they try to break into Sphere.
Microsoft has announced a new security research / bug bounty program aimed at testing and improving the security of Azure Sphere, its comprehensive IoT security solution. Through the Azure Sphere Security Service, the MCU can securely connect to the cloud and web, and the service makes sure that the booted software is genuine, that OS security updates are downloaded and installed securely and automatically.