NETGEAR Launches Bug Bounties for Routers

The internet of things (IoT) is a hot buzz topic when it comes to cybersecurity, as criminals take aim at a rapidly growing threat surface created by millions of new connected devices in homes and out in the field. All too often, the keys to the kingdom exist within the router that connects the outside world to the IP networks that run these devices. NETGEAR, one of the biggest router-makers in the world, is taking steps to combat the problem with a launch of a bug bounty program.

一分钟的信息安全意识动画片,轻松演绎企业信息安全基础知识。
The program has launched for Bugcrowd’s curated community of tens of thousands of skilled cybersecurity researchers.
我们的安全培训方案有40分钟的完整信息安全基础课程,用于对全体员工和新入职员工进行安全意识培训。
“As the innovative leader in connecting the world to the internet, NETGEAR must earn and maintain the trust of their users by protecting the privacy and security of their data,” said NETGEAR vice president of information technology Tejas Shah. “Being proactive when it comes to security is fundamental to NETGEAR’s approach. By adding a managed bug bounty program through Bugcrowd, we are adding one more layer to our security program.”
 The scope of NETGEAR’s bug bounty program includes NETGEAR’s devices, mobile applications, and exposed APIs. Anything that does not relate directly to a NETGEAR product is out of scope (e.g. marketing websites and support portals, including netgear.com). However, as long as the domain is used directly by a NETGEAR product, it is in scope—for example, https://apistaging.netgear.com is in scope, but https://netgear.com is not.
The potential rewards range from Bugcrowd points to $150 – $15,000 per bug identified. Top dollar goes to flaws leading to privacy and PII compromises, like unauthorized access to NETGEAR cloud storage video files or live video feeds for all customers (both $15,000—unauthorized access to a single customer’s video assets will command $10,000). The company will also pay $10,000 for flaws that allow crooks to retrieve customer payment information, including credit-card numbers and CVVs.
“With the white-hat hacker community in their corner, NETGEAR is cementing their position as the leader in consumer device security,” said Casey Ellis, CEO and founder of Bugcrowd. “We look forward to managing NETGEAR’s program and ensuring they get the best possible results to help them improve their security posture and build even more secure products.”
Photo © Keith Homan/Shutterstock.com
限制和过滤不良的互联网内容是普世真理,不过这些限制应该在国家法律和公司安全政策的框架之下进行,私下悄悄限制和阻碍互联网的正常使用,不仅侵犯人权,还践踏法律,终会受到反作用力的影响。

猜您喜欢

互联网安全及带宽控制原理
云计算和移动终端的结合,挑战传统信息安全管理者的神经
网络安全公益短片小心披露您的地理位置信息
富商打造最牛别墅!花2亿将鱼缸当围墙与爱琴海相连
BBUSS U-BOUTIQUE
防范“无意识泄密”需强化保密意识教育