Intel's bug bounty raised
Rick Echevarria, the vice president of and the general manager of Platform security at Intel Corporation stated that "At Intel, we believe that working with security researchers is a crucial part of identifying and mitigating potential security issues in our products. Similar to other companies, one of the ways we’ve made this part of our operating model is through a bug bounty program. The Intel® Bug Bounty Program was launched in March 2017 to incentivize security researchers to collaborate with us to find and report potential vulnerabilities. This, in turn, helps us strengthen the security of our products, while also enabling a responsible and coordinated disclosure process."
Updates to our program include:
1) Shifting from an invitation-only program to a program that is open to all security researchers, significantly expanding the pool of eligible researchers.
2) Offering a new program focused specifically on side channel vulnerabilities through Dec. 31, 2018. The award for disclosures under this program is up to $250,000.
3) Raising bounty awards across the board, with awards of up to $100,000 for other areas.\
The list of acceptable bugs is(as quoted from Intel's website)
Intel Hardware
- Processor (inclusive of micro-code ROM + updates)
- Chipset
- FPGA
- Networking / Communication
- Motherboard / System (e.g., Intel Compute Stick, NUC)
- Solid State Drives
Intel Firmware
- UEFI BIOS (Tiano core components for which Intel is the only named maintainer)
- Intel® Management Engine
- Baseboard Management Controller (BMC)
- Motherboard / System (e.g., Intel Compute Stick)
- Solid State Drives
Intel Software
- Device driver
- Application
- Tool
If you have found a security bug in one of them you can mail them at secure@intel.com or report it at https://hackerone.com/intel
Follow us on Facebook:- Facebook.com/VAPTHacker
LinkedIn:- https://www.linkedin.com/in/rohankalra97/
Twitter:- https://twitter.com/rohankalra97
This comment has been removed by the author.
ReplyDelete