Security News

Uber is tightening policies around its bug bounty program after a 2016 data breach exposed deep flaws in its policies around handling extortion.

Can bug bounty programs be designed to protect consumer privacy and how do programs balance white hat disclosure versus companies sitting on vulnerabilities until they are fixed?

The pushback against regulation starts here IoT security regulations could stifle innovation without addressing the security problems at hand, a well-respected security researcher controversially argues.…

The U.S. Department of Defense is the latest government entity to double down on vulnerabilities, on Monday announcing a new bug bounty program.

The Social Network™ all-but-admits its previous legalese for developers was useless Facebook has outlined a set of changes to its platform that impact developers and data brokers.…

Facebook announced that in the coming weeks it will expand its bug bounty program as the company cracks down on data misuse by app developers.

Netflix announced on Wednesday the launch of a public bug bounty program with rewards of up to $15,000, and Dropbox has made some changes to its vulnerability disclosure policy, promising not to...

Netflix opens up bug bounty program to all white hat hackers and ups the ante for bugs to as much as $15,000.

Cisco Meraki, a provider of cloud-managed IT solutions, announced last week the launch of a public bug bounty program with rewards of up to $10,000 per vulnerability. Cisco Meraki, which resulted...

Microsoft is looking to target new speculative execution side channel vulnerabilities - similar to Spectre and Meltdown - with a new bug bounty program.