Jump to content

Hack Our Products And We'll Pay You:


Recommended Posts

Barracuda Networks Tuesday announced it will pay more than $3,100 to anyone who can hack into its security products, saying the bug bounty program is the first ever from a pure-play security vendor.

"This initiative reflects our commitment to our customers and the security community at large," says Paul Judge, chief research officer at Barracuda. The security firm lists its Spam & Virus Firewall, Web Filter, Web Application Firewall and NG Firewall as products in its bug bounty program.

Google last week launched a bug-bounty program to pay for vulnerabilities, and many other vendors are willing to pay security researchers for information about vulnerabilities they'd like to be able to fix as soon as possible before these flaws are exploited as zero-day attacks

The Barracuda Networks bug-bounty program will pay as high as $3,133.70 -- an allusion to the slang "leet" number-related spelling of 31337 for security "elite" --for "particularly severe bugs," according to the company. But the starting reward is $500.

The following bugs and attack types are said to be excluded: use of automated testing tools; social engineering; denial-of-service attacks; physical attacks; attacks against Barracuda's customers; attacks against Barracuda's corporate infrastructure or demo servers.

Acceptable bug types include "those that compromise confidentiality, integrity or authentication," with examples given of "remote exploits, privilege escalation, cross-site scripting, code execution and command injection." The company asks that vulnerabilities be reported via e-mail to BugBounty@barracuda.com using the PGP key at http://www.barracudalabs.com/bugbountypgp.txt.

To qualify for the bug bounty, the bug must be disclosed only to the company, Barracuda specifies, and once the "issue is fixed, you will be able to publicly disclose the issue."

Source: http://www.networkworld.com/news/2010/1109...ty.html?hpg1=bn

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...