Friday , 19 April 2019
Breaking News
Dropbox launches bug bounty program with rewards starting from $216, retroactively pays out over $10K

Dropbox launches bug bounty program with rewards starting from $216, retroactively pays out over $10K

Want to master the CMO role? Join us for GrowthBeat Summit on June 1-2 in Boston, where we’ll discuss how to merge creativity with technology to drive growth. Space is limited and we’re limiting attendance to CMOs and top marketing execs. Request your personal invitation here!

Dropbox today launched a bug bounty program in conjunction with HackerOne. Rewards start at a minimum of $216 and there is no maximum given.

Until today, Dropbox merely recognized security researchers who found serious security holes in its software on a public hall of fame page. Today, the company is starting to provide monetary rewards.

In fact, Dropbox has decided to retroactively reward hackers who responsibly reported critical bugs in its applications. The company is paying out $10,475 to these security researchers today.

Dropbox’s program requires that security researchers do the following:

  • Share the security issue with Dropbox in detail.
  • Give Dropbox a reasonable time to respond to the issue before making any information about it public.
  • Not access or modify user data without permission of the account owner.
  • Act in good faith not to degrade the performance of Dropbox’s services (including denial of service).

This is pretty standard stuff for bug bounty programs. Other typical conditions also apply: Only the first reporter of a vulnerability is rewarded, you must report a qualifying vulnerability through the HackerOne reporting tool to be eligible, and public disclosure of the vulnerability prior to resolution will result in disqualification from the program.

More to follow

Dropbox is the home for your most important stuff—now we’re bringing it to life with a growing family of products. Today, over 300 million people across every continent rely on Dropbox to get stuff done. With offices around the wor… read more »

Powered by VBProfiles

VentureBeat’s VB Insight team is studying email marketing tools. Chime in here, and we’ll share the results.

Article Source

Share and Enjoy

Leave a Reply

Your email address will not be published. Required fields are marked *