Intel has launched its first bug bounty program, offering rewards of up to $30,000.
The chip maker has partnered with specialist bug bounty outfit HackerOne to create a scheme that aims to encourage hackers to hunt for flaws in Intel's hardware, firmware and software. Intel will pay up to $30,000 for critical hardware vulnerabilities (less for firmware or software holes). The more severe the impact of the vulnerability and the harder it is to mitigate, the bigger the payout.
Find bugs, bag rewards
Bug bounties have become a familiar part of the infosec ecosystem over recent years, with software vendors such as Google and Microsoft leading the charge. Over time, a greater range of vendors have joined in.
Intel Security (McAfee) products are not in-scope of the Intel bug bounty program. Flaws in third-party products and open-source code are also beyond the compass of the scheme. Intel's web infrastructure has also been excluded.