Extending its support to qualified individuals and organizations to submit reports on vulnerabilities and bugs found in its products, Kaspersky Lab has announced the extension of its Bug Bounty Program.
Under the initial Bug Bounty Program, researchers were asked to examine Kaspersky Lab's flagship products for consumers and enterprise, Kaspersky Internet Security 2017 and Kaspersky Endpoint Security 10.
The second phase of the program adds Kaspersky Password Manager 8 to the scope of the initiative. As an additional incentive, Kaspersky Lab has also increased the rewards for remote code execution bugs from 2000 USD to 5000 USD.
Initially launched in August 2016, in partnership with leading bug bounty platform provider HackerOne, the program has been successful in uncovering at least 20 bugs in six months. As a result, the program has been extended with increased rewards for security researchers that discover remote code execution bugs.
Nikita Shvetsov, Chief Technology Officer at Kaspersky Lab, said, "The security of our customers is our priority.That is why we take independent researchintoour products very seriously and apply its results to constantly improve our best-in-class technologies.Since August, it is fair to say that our Bug Bounty Program has been successful in optimisingour internal and external mitigation measures to continuously improvethe resiliency of our products.That's why we've decided to extend it. We appreciate the enthusiastic participation of security researchers worldwide. As a mark of our respect for the work theydo in helping us to bolster our solutions, we've increased the remuneration on offer in this second phase of the program and extended the scope to include other important Kaspersky Lab products."
"Kaspersky Lab is a great example of an organization that prioritizes security at every level," said Alex Rice, co-founder and CTO at HackerOne.
He adds, "They recognize the responsibility they have to protect customers - both enterprises and consumers - and are taking every step to ensure vulnerabilities are found and fixed before they can be exploited. The expansion of their program shows their commitment to investing in the global hacker community and ensuring their competitive edge in the security market.
Disclaimer: No Business Standard Journalist was involved in creation of this content
