Uber Launches Bug Bounty Program with $10,000 Reward
Ellie Froilan | | Mar 23, 2016 03:41 AM EDT |
(Photo : Getty Images) Uber bug bounty program encourages hackers to go deep on its codes both on its apps and websites.
Uber has launched a bug bounty program for independent security researchers to look for hackable bugs in its apps and websites.
The company promises a reward of $10,000 in exchange for data about critical security issues in its code. The move comes after Uber launched a private and beta bug bounty program in 2015 which was limited to 200 security researchers who found nearly 100 vulnerabilities, all of which have since been fixed.
Like Us on Facebook
The program has very specific examples of what qualifies for a reward, such as cross-site scripting (XSS), SQL injection, server-side remote code execution (RCE) and others. If a security researcher is able to find bugs, the company will pay $3,000 to $10,000 for issues for one of the items on its hit list.
Uber is the latest company that adopts the strategy of crowdsourcing the auditing of its code to shore it up against less compassionate hackers. However, Uber has levelled up their game compared to Google, Facebook and Microsoft with the help of bug-bounty-focused firm HackerOne. The company will offer loyalty system to the program, giving the researchers bonuses for repeated bug discoveries in Uber’s platform. It promised as well to give a “treasure map” for bug hunters, which is designed to guide them toward potential vulnerabilities in the site and make the bug hunting more efficient.
“Embarking on a new bug bounty program can be difficult; it takes time for security researchers to learn the systems, the architecture, and the types of vulnerabilities likely to be lurking. To help you with this quest, Uber’s engineering security team has assembled this treasure map of various services at Uber and tips for uncovering security issues,” said Matthew Bryant, Application Security Engineer at Uber.
It is worth noting that Uber’s bounty program is only for bugs found in its websites and apps for riders and drivers. The company might extend the programs to its actual cars.
The popular transportation firm also promised to publicize and highlight the highest-quality submissions, with the researcher's permission, so other researchers can learn by examples that earned the reward.
TagsUber, Bug Bounty Program Uber, Uber $10, 000, Uber app, Uber hacking
©2015 Chinatopix All rights reserved. Do not reproduce without permission
EDITOR'S PICKS
-
Did the Trump administration just announce plans for a trade war with ‘hostile’ China and Russia?
-
US Senate passes Taiwan travel bill slammed by China
-
As Yan Sihong’s family grieves, here are other Chinese students who went missing abroad. Some have never been found
-
Beijing blasts Western critics who ‘smear China’ with the term sharp power
-
China Envoy Seeks to Defuse Tensions With U.S. as a Trade War Brews
-
Singapore's Deputy PM Provides Bitcoin Vote of Confidence Amid China's Blanket Bans
-
China warns investors over risks in overseas virtual currency trading
-
Chinese government most trustworthy: survey
-
Kashima Antlers On Course For Back-To-Back Titles
MOST POPULAR
LATEST NEWS
Zhou Yongkang: China's Former Security Chief Sentenced to Life in Prison
China's former Chief of the Ministry of Public Security, Zhou Yongkang, has been given a life sentence after he was found guilty of abusing his office, bribery and deliberately ... Full Article
TRENDING STORY
-
China Pork Prices Expected to Stabilize As The Supplies Recover
-
Elephone P9000 Smartphone is now on Sale on Amazon India
-
There's a Big Chance Cliffhangers Won't Still Be Resolved When Grey's Anatomy Season 13 Returns
-
Supreme Court Ruled on Samsung vs Apple Dispute for Patent Infringement
-
Microsoft Surface Pro 5 Rumors and Release Date: What is the Latest?