Chip maker Intel says 77% of the hardware/firmware vulnerabilities it found last year were found by the company's bug bounty program.

New Cloudflare public bug bounty program has evolved over eight years from pure vulnerability disclosure.

The new, permanent program will use an online platform developed by CISA and will pay hackers between $500 and $5,000 for each discovered vulnerability.

In its annual survey of ethical hackers, Bugcrowd also found that 91% say that point-in-time testing cannot secure companies year-round.

Google to offer up to $250,000 for a full exploit of a Pixel device that runs on Android Enterprise.

Security experts are saying that Missouri's governor is mischaracterizing the actions of a journalist who reported a data leak vulnerability in a state website, demonstrating a clear lack of understanding among some politicians about the inner workings of the cyber community.

Product development teams are buying in to the concept due to the quality and cost-effectiveness of vulnerability disclosure reports, according to Mike Zachman, CSO.

CISA said the departments of Homeland Security, Labor and Interior will be the first federal agencies to participate in a program that will allow outside security researchers to legally test selected federal systems for security weaknesses.