Singapore-based Crypto.com is providing $2 million to anybody who can discover and report vulnerabilities as an indication of its confidence in its fashionable and up to date safety system. The bounty program is the most important but for the web site and HackerOne, providing an open scope, quick cost, and totally compliant with platform requirements.
Crypto.com introduced its partnership with HackerOne and the $2 million bounty program by means of a Twitter/X submit and firm replace final December 2nd. The initiative is a part of the corporate’s dedication to selling safety and compliance and is backed by completely different certifications, together with ISO 27001, ISO 27017, ISO 27019, ISO 22301, ISO 27701, SOC2 Kind 2, and PCI DSS 4.0.
Along with these worldwide certifications, Crypto.com boasts regional certifications, like Singapore’s Cyber Belief Mark and Information Safety Belief Mark.
Crypto.com Upgrades Safety, Bounty Program
Crypto.com continues its safety partnership with HackerOne, and this month, they collectively issued an announcement upgrading its current bug bounty program, which now gives as much as $2 million in rewards. That is the primary time the corporate’s bounty program has reached this quantity, and it’s now the most important bug bounty program with HackerOne in crypto and past.
As we speak we launch a groundbreaking $2 million bug bounty program with @Hacker0x01.
Security and safety are of paramount significance at https://t.co/vCNztATkNg – we’re proud to assist the biggest bug bounty program accessible by means of HackerOne.
Be taught extra 👉 https://t.co/qFNWLLtoGN pic.twitter.com/DRdEk9Zex0
— Crypto.com (@cryptocom) December 2, 2024
The corporate’s rewards program gives tiered rewards for several types of vulnerabilities based mostly on severity. For instance, the Low (0.1-3.9), representing 41.67% of submissions, gives a reward wherever from $200 to $500. Medium (4.0-6.9) will get $500 to $5,000, Excessive (7.0-8.9) boasts $5,000 to $40,000 in rewards, and at last, Crucial/Excessive vulnerabilities (9.0+) rewards $40,000 as much as $2 million.
Crypto.com invitations its customers to determine any vulnerabilities and resolve these potential dangers earlier than dangerous actors exploit them. The crypto firm joined different tech firms in working bug bounties to handle on-line threats.
Discovering Crucial Safety Gaps Essential For Corporations
As one of many leaders within the crypto house, Crypto.com serves over 100 million customers from 90 nations. Nevertheless, its recognition additionally places it prone to safety threats. The corporate understands these threats, and it’s the first purpose it companions with HackerOne.
Crypto.com believes that belief is the corporate’s basis, constructed round privateness and safety. In an announcement, the corporate boasts “zero-trust and protection in depth safety” methods and regularly invests in privateness and safety coaching.
In accordance with Kara Sprague, HackerOne’s CEO, discovering vital safety gaps is essential for a corporation like Crypto.com. She talked about that the file bounty quantity displays Crypto.com’s dedication to person safety and assist for moral hacking.
Different Internet 3.0 Corporations Additionally Run Bounty Packages
Other than Crypto.com, different main Internet 3.0 have run bounty packages to determine and deal with safety weak point. Fb, Atomic Pockets, Uniswap, and Fb are prime tech firms that depend on moral hacking.
For instance, Uniswap launched the most important bug bounty in DeFi, providing as much as $15.5 million for these that may determine safety threats on its v4 good contract. After asserting the profitable bounty program, its UNI token has surged in worth.
Featured picture from Pexels, chart from TradingView
