In 2010, Barracuda Networks was one of the first organizations to launch a formal bug bounty program. Since then, Barracuda has paved the way for other organizations to launch programs in order to collaborate with the independent research community and improve their overall product security programs.
Google recently announced that the company has raised its top reward for remote code execution bugs in its Google, Blogger and YouTube domains by 50 percent, saying "Because high-severity vulnerabilities have become harder to identify over the years, researchers have needed more time to find them. We want to demonstrate our appreciation for the significant time researchers dedicate to our program."
Bugcrowd bug bounty programs launched by security vendors have tripled over the past two years and represent the fifth largest industry on the Bugcrowd platform.
Each quarter we challenge our crowd to submit bugs against some of our most difficult programs to be entered to win a cash bonus. This quarter, we've encouraged our crowd to submit bugs against thick client applications and have seen fantastic engagement; we saw an awesome 200% increase in valid submissions in February.
We recently contributed to the Department of Commerce’s request for public comment on its “Green Paper” with Rapid7, Duo Security, Electronic Frontier Foundation, Center for Democracy & Technology, Global Cyber Alliance and many others that we hope will bolster a more transparent approach to securing the Internet of Things.
Today we aired our 2nd Annual Buggy Awards which recognized several organizations running bug bounty programs and several bug hunters who have contributed some fantastic research to the bug hunting community.
Earlier this month, I had the opportunity to attend and present at Nullcon in Goa, India. Now in its seventh year, Nullcon was founded in 2010 with the idea of “providing an integrated platform for exchanging information on the latest attack vectors, zero day vulnerabilities and unknown threats.”
This month we’re taking our ‘Big Bugs’ podcast out of hibernation for a special podcast on one of our favorite topics–Capture the Flag Competitions!
Our customers are leaders when it comes to security; they understand the value of harnessing the power of the crowd and the creativity of thousands of researchers that think like the adversary. Password manager technology 1Password is no exception.