Adobe’s new bug bounty program rewards researchers with HackerOne rep scores | SC Media
Strategy, Vulnerability management

Adobe’s new bug bounty program rewards researchers with HackerOne rep scores

March 6, 2015

Adobe launched a web application vulnerability disclosure program earlier this week with rewards coming in the form of a boosted reputation score on HackerOne.

No cash rewards will be doled out as of right now, a blog post on the program says. To receive credit for a finding, researchers must be the first one to report the vulnerability and provide enough time to patch the bug before publicly disclosing it.

Eligible web application vulnerabilities include cross-site scripting, server-side code execution, authentication or authorization flaws, and directory traversal, among others.

Any vulnerabilities affecting Adobe desktop products, such as Flash Player, or enterprise on-premise solutions need to be reported via email to the Product Incident Response Team, according to a HackerOne blog post.

prestitial ad