Kaspersky Lab announces bug bounty programme extension

Kaspersky Lab has extended its effective bug bounty programme, which was launched last August, in order to encourage qualified organisations and individuals to report software vulnerabilities and bugs found in its products.

Bug bounty programmes are an important, productive source for security companies and researchers to safely find, disclose and fix software issues without any risks. This important strategy provides a reliable level of protection for the continuous development of effective tools.

Increased penalty for bug bounty rewards

With help from bug bounty platform provider HackerOne, the programme has been successful in detecting at least 20 bugs since August 2016. This has resulted in an extension with increased rewards for security researchers that discover remote code execution bugs.

The cybersecurity company Kaspersky Lab increased the rewards for remote code execution bugs from £1588 to £3974 as an incentive.

“The security of our customers is our priority. That is why we take independent research into our products very seriously and apply its results to constantly improve our best-in-class technologies,” said Nikita Shvetsov, Chief Technology Officer at Kaspersky Lab. “Since August, it is fair to say that our bug bounty programme has been successful in optimising our internal and external mitigation measures to continuously improve the resiliency of our products. That’s why we’ve decided to extend it.”

“Kaspersky Lab is a great example of an organisation that prioritises security at every level,” said Alex Rice, co-founder and CTO at HackerOne. “They recognise the responsibility they have to protect customers — both enterprises and consumers — and are taking every step to ensure vulnerabilities are found and fixed before they can be exploited.”

Edited from press release by Leah Alger