Barracuda Networks introduces vulnerability disclosure program   Leave a comment

Barracuda Networks have announced a ‘Bug Bounty programme’ to reward researchers for identifying vulnerabilities in its products.

Paying a minimum of $500 (£310) to match the reward offered by Google for severe bugs, it claimed that this is the first such programme to be offered by a pure security company and follows the likes of Mozilla in offering rewards for vulnerability discovery.

Last week Google launched a new vulnerability reward program, modelled on its Chromium model that covers any Google web properties that handle ‘highly sensitive authenticated user data or accounts’ to include google.com, youtube.com, blogger.com and orkut.com.

The type of vulnerabilities that qualify for rewards include cross-site scripting (XSS), cross-site request forgery (CSRF), cross-site script inclusion (XSSI) and bugs that allow the access of other users’ private data and server-side code execution.

Dr Paul Judge, chief research officer at Barracuda Networks, said: “Security product vendors should be at the forefront of promoting security research. This initiative reflects our commitment to our customers and the security community at large. The goal of this program is to reward researchers for their hard work, as well as to promote and encourage responsible disclosure.”

Researchers reporting security bugs will collect a cash prize of up to $3,133.70 (£1,940.49), depending on the severity of the vulnerability as judged by the Barracuda Labs Bug Bounty Panel. Bounties can be donated to charity as requested by the bug reporter.

The following security products are eligible: Barracuda Spam and Virus Firewall, Barracuda Web Filter, Barracuda Web Application Firewall and the Barracuda NG Firewall.

http://www.scmagazineuk.com/barracuda-networks-introduces-vulnerability-disclosure-program/article/190673/?DCMP=EMC-SCUK_Newswire

Advertisements

Posted November 16, 2010 by axxerainc in Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: