FireEye launches public bug bounty program


By Dylan Bushell-Embling
Wednesday, 19 August, 2020

FireEye launches public bug bounty program

Cybersecurity company FireEye has introduced a public bug bounty program for its corporate infrastructure aimed at shoring up the security of its own offerings.

The company is inviting researchers to register for the program using the Bugcrowd platform. Until now, the company’s bug bounty activities have been privately run in partnership with Bugcrowd.

The bug bounty program will offer payments of $50 to $2500 per vulnerability discovered, with higher severity vulnerabilities attracting higher payments. The vulnerabilities will be assessed using the Bugcrowd Vulnerability Rating Taxonomy.

“While we’ve been heavily involved with responsible disclosure, including helping other companies set up and modify their own programs, we are taking the next step in this effort,” FireEye CSO Steven Booth said in a statement.

“To ensure we are continually improving our environment and security posture, and to recognize the valuable role the research community plays in bettering security across all industries, FireEye is introducing its public bug bounty program specific to our corporate infrastructure.”

Testing targets include the company’s corporate-facing websites, localised websites for various markets and DNS configuration issues.

Security researchers electing not to receive payment or wishing to report on the findings of their research should do so via the Bugcrowd-managed FireEye Responsible Disclosure program, Booth said.

Image credit: ©stock.adobe.com/au/MicroOne

Related News

Digital trust leaders outperform their peers: research

Companies categorised as leaders in implementing digital trust strategies are reaping the...

IT decision-makers believe AI is key to protect against cyber threats: report

According to reseach, 40% of Australian IT decision-makers believe the use of AI will help them...

New Relic upgrades app security testing suite

The New Relic Interactive Application Security Testing solution has been upgraded with new...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd