HackerOne Contest To Debug the Internet

Microsoft and Facebook are serious about exterminating bugs. So serious, in fact, that they are sponsoring a bug bounty campaign that aims to find vulnerabilities in some critical software supporting the Internet stack.

HackerOne is putting on the bug hunting contest and will serve up rewards that range from $300 to $5,000 or more, depending on how widespread the vulnerability is and its severity.

EUWe've selected some of the most important software that supports the Internet stack, and we want you to hack it,EU HackerOneEUs Internet Bug Bounty Web site reads. EUIf the public is demonstrably safer as a result of your contribution to Internet security, we'd like to be the first to recognize your work and say EUthanksEU by sending some cash to you or your favorite non-profit.EU

Scouring the Internet

So what software is in the program? HereEUs the list: Sandbox Escapes; Open SSL; Python; Ruby; PHP; Django; Rails; Perl; Phabricator; Nginx; Apache httpd; and the Internet at large.

EUThe Internet Bug Bounty is managed by a panel of volunteers selected from the security community,EU HackerOne said. EUThese security experts are responsible for defining the rules of the program, allocating bounties to where additional security research is needed most, and mediating any disagreements that might arise.EU

Facebook, Microsoft, iSEC Partners, Etsy and Chrome are on the panel. Along with HackerOne, these groups are working to foster a community of hackers who are incentivized to improve the state of Internet security for the world. Part of the programEUs goal is also to remove the negative stigma from the EUhackerEU label.

A Welcome Addition

We turned to Chester Wisniewski, a senior security Advisor at Sophos, for his take on the HackerOne contest. He told us he thinks it is a welcome addition to existing bug bounty programs, particularly considering that it covers many open source projects...

Comments are closed.