Incident Response, Network Security, TDR, Vulnerability Management

MIT launches bug bounty program

One of the nation's top tech schools, The Massachusetts Institute of Technology (MIT) launched a bug bounty program last week that it termed “experimental.”

The initiative aims "to improve MIT's online security and foster a community for students to research and test the limits of cyber security in a responsible fashion,” according to a statement on the website of the Cambridge, Mass.-based private research university.

The program is particularly interested in specific categories of flaws in its web domains. It is open to affiliates of the university, including undergraduates and graduate students, holding valid certifications.

Rewards are offered for the "responsible disclosure of severe vulnerabilities" in the form of TechCASH, good for purchasing items and services on campus. Top contributors will also be allowed to maintain their Kerberos accounts following graduation, which allows them continued access to the school's network server.

Uber and the Department of Defense also recently announced bug bounty programs.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.