Intel touts bug bounties to hardware hackers

Website and Intel Security (McAfee) products excluded from 'Wild West' payouts scheme

2 Reg comments Got Tips?

Intel has launched its first bug bounty program, offering rewards of up to $30,000.

The chip maker has partnered with specialist bug bounty outfit HackerOne to create a scheme that aims to encourage hackers to hunt for flaws in Intel's hardware, firmware and software. Intel will pay up to $30,000 for critical hardware vulnerabilities (less for firmware or software holes). The more severe the impact of the vulnerability and the harder it is to mitigate, the bigger the payout.

Find bugs, bag rewards

Bug bounties have become a familiar part of the infosec ecosystem over recent years, with software vendors such as Google and Microsoft leading the charge. Over time, a greater range of vendors have joined in.

Intel Security (McAfee) products are not in-scope of the Intel bug bounty program. Flaws in third-party products and open-source code are also beyond the compass of the scheme. Intel's web infrastructure has also been excluded.

More details of the program, announced at the CanSecWest security conference, can be found in a blog post by HackerOne here. ®


Biting the hand that feeds IT © 1998–2020