MIT launches bug bounty program

MIT's program is particularly interested in specific categories of flaws in the school's web domains.
MIT's program is particularly interested in specific categories of flaws in the school's web domains.

One of the nation's top tech schools, The Massachusetts Institute of Technology (MIT) launched a bug bounty program last week that it termed “experimental.”

The initiative aims "to improve MIT's online security and foster a community for students to research and test the limits of cyber security in a responsible fashion,” according to a statement on the website of the Cambridge, Mass.-based private research university.

The program is particularly interested in specific categories of flaws in its web domains. It is open to affiliates of the university, including undergraduates and graduate students, holding valid certifications.

Rewards are offered for the "responsible disclosure of severe vulnerabilities" in the form of TechCASH, good for purchasing items and services on campus. Top contributors will also be allowed to maintain their Kerberos accounts following graduation, which allows them continued access to the school's network server.

Uber and the Department of Defense also recently announced bug bounty programs.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS