Kaspersky Lab‘s bug bounty programme will now reward a total of over $100,000 for the discovery and disclosure of vulnerabilities in some of its leading products.
According to a press release, there is a 20-fold increase on existing rewards and this is “evidence of the company’s commitment to ensure the complete integrity of its products and protection for customers.”
The opportunity to win bounties is available to all members of the HackerOne platform, Kaspersky Lab’s partner for the Bug Bounty initiative, the release said.
The top reward is available for the discovery of bugs that enable remote code execution via the product database update channel.
Vulnerabilities allowing other types of remote code execution will be awarded bounties ranging from US$5000 to US$20000, depending on the level of complexity of a given vulnerability.
Bugs allowing local privilege escalation or leading to sensitive data disclosure will also be awarded bounty payouts.
Eugene Kaspersky, CEO of Kaspersky Lab, said, “Finding and fixing bugs is a priority for us as a software company. We invite security researchers to make sure there are no vulnerabilities in our products. The immunity of our code and highest levels of protection that we offer customers is a core principal of our business – and a fundamental pillar of our Global Transparency Initiative.”