<img alt="dcsimg" id="dcsimg" width="1" height="1" src="//www.qsstats.com/dcsuuvfw300000gkyg9tnx0uc_3f7v/njs.gif?dcsuri=/index.php/c/a/Latest-News/Barracuda-Networks-Launches-Security-Vulnerability-Rewards-Program-388783&amp;WT.js=No&amp;WT.tv=10.4.1&amp;dcssip=www.cioinsight.com&amp;WT.qs_dlk=XML9qe2ysLDcFNk324AIeQAAAA8&amp;">

Barracuda Networks Offers Bounty to Bug Catchers

By CIOinsight  |  Posted 11-09-2010 Print
Barracuda Networks has started a vulnerability rewards program to encourage the security community forward with bugs in its products.

Barracuda Networks has established a new rewards program for researchers who uncover bugs in the company's security products.

Barracuda's program follows in the footsteps of similar moves by Google and Mozilla to use incentives to get researchers to turn vulnerability information over to vendors as opposed to posting it publicly on the Web or handing it to black hats.

Prizes for the bugs range from $500 to $3,133.70 depending on how th Barracuda Labs Bounty Panel judges their severity. Bounties can be donated to charity upon request, the company said.

The following products are in the program's scope:

  • Barracuda Spam & Virus Firewall
  • Barracuda Web Filter
  • Barracuda Web Application Firewall
  • Barracuda NG Firewall

For now, only the appliance form factor of each of the products is fair game, and only the most recent generally available version qualifies.

Remote exploits, privilege escalation, cross-site scripting and other attacks that compromise confidentiality, availability or authentication are acceptable. Once the vulnerability is fixed, the finder can publicize it, the company said. Attacks against Barracuda's corporate infrastructure, demo servers or customers are prohibited.

For more, read the eWeek article Barracuda Networks Launches Security Vulnerability Rewards Program.


Submit a Comment

Loading Comments...
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.