Uncategorized

details on Intel’s Bug Bounty Program

The Intel Security Center now has a new page that describes Intel’s Bug Bounty Program:

Intel® launches its first bug bounty program
Intel® Bug Bounty Program

At the CanSecWest Security conference on March 14, 2017, Intel launched its first Bug Bounty program targeted at Intel Products. We want to encourage researchers to identify issues and bring them to us directly so that we can take prompt steps to evaluate and correct them, and we want to recognize researchers for the work that they put in when researching a vulnerability. By partnering constructively with the security research community, we believe we will be better able to protect our customers.

Scope and Severity Ratings

Intel Software, Firmware, and Hardware are in scope. The harder a vulnerability is to mitigate, the more we pay
Vulnerability Severity     Intel Software     Intel Firmware     Intel Hardware
Critical     Up to $7,500     Up to $10,000     Up to $30,000
High     Up to $2,500     Up to $5,000     Up to $10,000
Medium     Up to $1,000     Up to $1,500     Up to $2,000
Low     Up to $500     Up to $500     Up to $1,000

A few details on items that are not in the program scope:

    Intel Security (McAfee) products are not in-scope for the bug bounty program.
    Third-party products and open source are not in-scope for the bug bounty program.
    Intel’s Web Infrastructure is not in-scope for the bug bounty program.
    Recent acquisitions are not in-scope for the bug bounty program for a minimum period of 6 months after the acquisition is complete.

https://security-center.intel.com/BugBountyProgram.aspx

https://security-center.intel.com/default.aspx

 

Standard

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s