Singapore-based Crypto.com is providing $2 million to anybody who can discover and report vulnerabilities as an indication of its confidence in its fashionable and up to date safety system. The bounty program is the most important but for the web site and HackerOne, providing an open scope, quick fee, and totally compliant with platform requirements.
Crypto.com introduced its partnership with HackerOne and the $2 million bounty program by way of a Twitter/X submit and firm replace final December 2nd. The initiative is a part of the corporate’s dedication to selling safety and compliance and is backed by completely different certifications, together with ISO 27001, ISO 27017, ISO 27019, ISO 22301, ISO 27701, SOC2 Kind 2, and PCI DSS 4.0.
Along with these worldwide certifications, Crypto.com boasts regional certifications, like Singapore’s Cyber Belief Mark and Knowledge Safety Belief Mark.
Crypto.com Upgrades Safety, Bounty Program
Crypto.com continues its safety partnership with HackerOne, and this month, they collectively issued a press release upgrading its present bug bounty program, which now gives as much as $2 million in rewards. That is the primary time the corporate’s bounty program has reached this quantity, and it’s now the most important bug bounty program with HackerOne in crypto and past.
Right this moment we launch a groundbreaking $2 million bug bounty program with @Hacker0x01.
Security and safety are of paramount significance at https://t.co/vCNztATkNg – we’re proud to assist the most important bug bounty program accessible by way of HackerOne.
Study extra 👉 https://t.co/qFNWLLtoGN pic.twitter.com/DRdEk9Zex0
— Crypto.com (@cryptocom) December 2, 2024
The corporate’s rewards program gives tiered rewards for several types of vulnerabilities based mostly on severity. For instance, the Low (0.1-3.9), representing 41.67% of submissions, offers a reward anyplace from $200 to $500. Medium (4.0-6.9) will get $500 to $5,000, Excessive (7.0-8.9) boasts $5,000 to $40,000 in rewards, and at last, Crucial/Excessive vulnerabilities (9.0+) rewards $40,000 as much as $2 million.
Crypto.com invitations its customers to determine any vulnerabilities and resolve these potential dangers earlier than unhealthy actors exploit them. The crypto firm joined different tech firms in working bug bounties to deal with on-line threats.
Discovering Crucial Safety Gaps Essential For Firms
As one of many leaders within the crypto area, Crypto.com serves over 100 million customers from 90 nations. Nevertheless, its recognition additionally places it prone to safety threats. The corporate understands these threats, and it’s the first purpose it companions with HackerOne.
Crypto.com believes that belief is the corporate’s basis, constructed round privateness and safety. In a press release, the corporate boasts “zero-trust and protection in depth safety” methods and frequently invests in privateness and safety coaching.
In keeping with Kara Sprague, HackerOne’s CEO, discovering important safety gaps is essential for an organization like Crypto.com. She talked about that the document bounty quantity displays Crypto.com’s dedication to person safety and assist for moral hacking.
Different Net 3.0 Firms Additionally Run Bounty Applications
Apart from Crypto.com, different main Net 3.0 have run bounty applications to determine and handle safety weak point. Fb, Atomic Pockets, Uniswap, and Fb are high tech firms that depend on moral hacking.
For instance, Uniswap launched the most important bug bounty in DeFi, providing as much as $15.5 million for these that may determine safety threats on its v4 sensible contract. After asserting the profitable bounty program, its UNI token has surged in worth.
Featured picture from Pexels, chart from TradingView
