Saturday, March 6, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

Bug bounty platform ZDI awarded $25m to researchers over the past 15 years

August 23, 2020
in Internet Security
Bug bounty platform ZDI awarded $25m to researchers over the past 15 years
585
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Image: ZDI

Bug bounty platform pioneer Zero-Day Initiative (ZDI) said it awarded more than $25 million in bounty rewards to security researchers over the past decade and a half.

In an anniversary post celebrating its 15-year-old birthday, ZDI said the bounty rewards represent payments to more than 10,000 security researchers for more than 7,500 successful bug submissions.

You might also like

Zigbee inside the Mars Perseverance Mission and your smart home

FTC joins 38 states in takedown of massive charity robocall operation

Accellion zero-day claims a new victim in cybersecurity company Qualys

Most of these bugs were filed through the ZDI’s vendor-agnostic bug bounty platform, but many were also acquired through Pwn2Own, a yearly hacking contest that ZDI organizes.

A short history of ZDI

While certainly not the first bug bounty program, ZDI is the first program to have built a sustainable business model around its platform.

ZDI got off the ground in 2005 when it was set up as a special project inside 3Com, a vendor of computer and networking gear. The program operated by paying security researchers for vulnerability reports in popular software products.

At the time, this was a ground-breaking concept.

While today all the big major tech companies, and even the smaller ones, have a bug bounty program, in 2005, none of those programs were yet up and running.

In the 2000s, security researchers had to individually contact security teams at each company and report vulnerabilities, without any promise of any monetary reward.

This process was usually time-consuming, and more often than not resulted in bugs not getting fixed, security researchers skipping the bug reporting process altogether, or bug hunters receiving legal threats if they planned to go public about their findings.

But when ZDI began operating at scale, the platform finally provided a way for security researchers to (1) get paid and (2) leave the bug reporting process to ZDI and avoid getting sued.

Backed by 3Com, ZDI served as the perfect intermediary, and its parent company was also turning a profit from the program, as 3Com engineers would incorporate the bugs reports received via ZDI into TippingPoint, a security product that often provided protections for exploits months before competitors.

Over the years, ZDI expanded and grew. The program moved to HP, when Hewlett-Packard acquired 3Com, was spun into Hewlett-Packard Enterprise (HPE), and finally moved under Trend Micro’s parentage in 2015, when the security firm acquired TippingPoint from HPE.

Leading bug bounty program today

Today, the program is historically the most successful bug bounty platform ever and has been recognized as the world’s leading vulnerability research organization for the past 13 years in a row.

According to a report from Omdia published last month, ZDI was responsible for more than half of all the vulnerability disclosures in 2019, more than any other vendor or bug bounty platform.

Furthermore, ZDI has also expanded into running hacking contests, and since 2007 has been managing the renowned Pwn2Own hacking competition.

While it started with one contest per year, ZDI now runs three separate Pwn2Own contests, with one focused on business software and operating systems, a second on mobile devices and IoT, and a third dedicated to ICS/SCADA products.

Pwn2Own is today’s best-funded hacking competition, with the biggest rewards on the market, and the reason why all the major security teams and researchers attend its editions, year in, year out.

And in true ZDI fashion, all the vulnerabilities reported during the contest are reported to vendors, and researchers paid for their findings.

Credit: Zdnet

Previous Post

Alternative to the Arithmetic, Geometric, and Harmonic Means

Next Post

Little Known Artificial Intelligence Secrets: What Unsupervised Learning Really Means

Related Posts

Zigbee inside the Mars Perseverance Mission and your smart home
Internet Security

Zigbee inside the Mars Perseverance Mission and your smart home

March 6, 2021
FTC joins 38 states in takedown of massive charity robocall operation
Internet Security

FTC joins 38 states in takedown of massive charity robocall operation

March 5, 2021
Accellion zero-day claims a new victim in cybersecurity company Qualys
Internet Security

Accellion zero-day claims a new victim in cybersecurity company Qualys

March 5, 2021
GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines
Internet Security

GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines

March 5, 2021
With its acquisition of Auth0, Okta goes all in on CIAM
Internet Security

With its acquisition of Auth0, Okta goes all in on CIAM

March 5, 2021
Next Post
Qeexo AutoML Demo: Automating Machine Learning for Embedded Devices

Little Known Artificial Intelligence Secrets: What Unsupervised Learning Really Means

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Zigbee inside the Mars Perseverance Mission and your smart home
Internet Security

Zigbee inside the Mars Perseverance Mission and your smart home

March 6, 2021
Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!
Internet Privacy

Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked!

March 6, 2021
Autonomous Cars And Minecraft Have This In Common  
Artificial Intelligence

Autonomous Cars And Minecraft Have This In Common  

March 5, 2021
The ML Times Is Growing – A Letter from the New Editor in Chief – Machine Learning Times
Machine Learning

Explainable Machine Learning, Model Transparency, and the Right to Explanation « Machine Learning Times

March 5, 2021
FTC joins 38 states in takedown of massive charity robocall operation
Internet Security

FTC joins 38 states in takedown of massive charity robocall operation

March 5, 2021
Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount
Internet Privacy

Google Cloud Certifications — Get Prep Courses and Practice Tests at 95% Discount

March 5, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Zigbee inside the Mars Perseverance Mission and your smart home March 6, 2021
  • Mazafaka — Elite Hacking and Cybercrime Forum — Got Hacked! March 6, 2021
  • Autonomous Cars And Minecraft Have This In Common   March 5, 2021
  • Explainable Machine Learning, Model Transparency, and the Right to Explanation « Machine Learning Times March 5, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates