Intel Bug Bounty Program launched starting from March 2017 to collaborate with researchers and to mitigate the risk of exploitation. The Bug bounty program is open to all, any security researchers can report security vulnerabilities in Intel branded products & technologies.
Intel Bug Bounty
To avoid Meltdown and Spectre like vulnerabilities in future Intel Bug Bounty Program adds side channel vulnerabilities program starting from December 31st, 2018.
Now Intel Bug Bounty Program expands the rewards for the vulnerabilities disclosed under this program.
- Offering a new program focused specifically on side channel vulnerabilities through Dec. 31, 2018. The award for disclosures under this program is up to $250,000.
- Raising bounty awards across the board, with awards of up to $100,000 for other areas
| Vulnerability Severity | Intel Hardware w/ Side Channel Exploit through Software |
|---|---|
| Critical (9.0 – 10.0) | Up to $250,000 |
| High (7.0 – 8.9) | Up to $100,000 |
| Medium (4.0 – 6.9) | Up to $20,000 |
| Low (0.1 – 3.9) | Up to $5,000 |
Rick Echevarria said “We will continue to evolve the program as needed to make it as effective as possible and to help us fulfill our security-first pledge. Thank you, in advance, to all of those across the industry who choose to participate.”
It is important to have a Bug Bounty program as it employs crowdsource security researchers will diverse skill set covering a wide of vulnerability scenarios and advanced threats.
Safehats a bug bounty platform that Connects security conscious Enterprises, Financial Institutions and Governments with the whitehat hacker to have their products check against serious of vulnerabilities.
