dcsimg
 

Barracuda Networks Offers Bounty to Bug Catchers

By CIOinsight  |  Posted 11-09-2010 Print

WEBINAR:
On-Demand

Transforming Banks for a Digital Future: The Winners, The Losers, and the Strategies to Beat the Odds


Barracuda Networks has started a vulnerability rewards program to encourage the security community forward with bugs in its products.

Barracuda Networks has established a new rewards program for researchers who uncover bugs in the company's security products.

Barracuda's program follows in the footsteps of similar moves by Google and Mozilla to use incentives to get researchers to turn vulnerability information over to vendors as opposed to posting it publicly on the Web or handing it to black hats.

Prizes for the bugs range from $500 to $3,133.70 depending on how th Barracuda Labs Bounty Panel judges their severity. Bounties can be donated to charity upon request, the company said.

The following products are in the program's scope:

  • Barracuda Spam & Virus Firewall
  • Barracuda Web Filter
  • Barracuda Web Application Firewall
  • Barracuda NG Firewall

For now, only the appliance form factor of each of the products is fair game, and only the most recent generally available version qualifies.

Remote exploits, privilege escalation, cross-site scripting and other attacks that compromise confidentiality, availability or authentication are acceptable. Once the vulnerability is fixed, the finder can publicize it, the company said. Attacks against Barracuda's corporate infrastructure, demo servers or customers are prohibited.

For more, read the eWeek article Barracuda Networks Launches Security Vulnerability Rewards Program.



 

Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.

By submitting your information, you agree that cioinsight.com may send you cioinsight offers via email, phone and text message, as well as email offers about other products and services that cioinsight believes may be of interest to you. cioinsight will process your information in accordance with the Quinstreet Privacy Policy.

Click for a full list of Newsletterssubmit