Vulnerability Management

Open Bug Bounty creates free bug bounty program

Open Bug Bounty has added a free service that will allow organizations to create their own bug bounty program.

Open Bug Bounty, which has been operating since 2014, will allow any verified website owner to operate a program for their own site and is being done for free, Open Bug Bounty said, to help improve relations between website operators and security researchers. Website operators sign up for the program through Open Bug Bounty's Twitter feed.

While setting up the program is free, if a researcher finds a bug the website owner will have to pay the bounty. However, Open Bug Bounty will triage and verify the submissions but otherwise will not intervene.

“This is an amazing development in the bug bounty industry. I think this can help a lot of SMEs and large companies that are unable to detect and remediate the integrity of website vulnerabilities through automated scanners or annual pentesting. Security researchers can also get some valuable practice for the benefit of the cybersecurity industry – something that many graduates are missing today when applying for their first infosecurity job,” said  Ilia Kolochenko, High-Tech Bridge CEO.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.