Singapore-based Crypto.com is providing $2 million to anybody who can discover and report vulnerabilities as an indication of its confidence in its fashionable and up to date safety system. The bounty program is the largest but for the web site and HackerOne, providing an open scope, quick cost, and totally compliant with platform requirements.
Crypto.com introduced its partnership with HackerOne and the $2 million bounty program by means of a Twitter/X publish and firm replace final December 2nd. The initiative is a part of the corporate’s dedication to selling safety and compliance and is backed by totally different certifications, together with ISO 27001, ISO 27017, ISO 27019, ISO 22301, ISO 27701, SOC2 Sort 2, and PCI DSS 4.0.
Along with these worldwide certifications, Crypto.com boasts regional certifications, like Singapore’s Cyber Belief Mark and Information Safety Belief Mark.
Crypto.com Upgrades Safety, Bounty Program
Crypto.com continues its safety partnership with HackerOne, and this month, they collectively issued a press release upgrading its current bug bounty program, which now presents as much as $2 million in rewards. That is the primary time the corporate’s bounty program has reached this quantity, and it’s now the largest bug bounty program with HackerOne in crypto and past.
At present we launch a groundbreaking $2 million bug bounty program with @Hacker0x01.
Security and safety are of paramount significance at https://t.co/vCNztATkNg – we’re proud to assist the biggest bug bounty program accessible by means of HackerOne.
Be taught extra 👉 https://t.co/qFNWLLtoGN pic.twitter.com/DRdEk9Zex0
— Crypto.com (@cryptocom) December 2, 2024
The corporate’s rewards program presents tiered rewards for various kinds of vulnerabilities based mostly on severity. For instance, the Low (0.1-3.9), representing 41.67% of submissions, gives a reward wherever from $200 to $500. Medium (4.0-6.9) will get $500 to $5,000, Excessive (7.0-8.9) boasts $5,000 to $40,000 in rewards, and at last, Important/Excessive vulnerabilities (9.0+) rewards $40,000 as much as $2 million.
Crypto.com invitations its customers to determine any vulnerabilities and resolve these potential dangers earlier than unhealthy actors exploit them. The crypto firm joined different tech corporations in working bug bounties to deal with on-line threats.
Discovering Important Safety Gaps Essential For Corporations
As one of many leaders within the crypto house, Crypto.com serves over 100 million customers from 90 international locations. Nonetheless, its recognition additionally places it susceptible to safety threats. The corporate understands these threats, and it’s the first motive it companions with HackerOne.
Crypto.com believes that belief is the corporate’s basis, constructed round privateness and safety. In a press release, the corporate boasts “zero-trust and protection in depth safety” methods and frequently invests in privateness and safety coaching.
Based on Kara Sprague, HackerOne’s CEO, discovering important safety gaps is essential for a corporation like Crypto.com. She talked about that the report bounty quantity displays Crypto.com’s dedication to person safety and assist for moral hacking.
Different Internet 3.0 Corporations Additionally Run Bounty Applications
Except for Crypto.com, different main Internet 3.0 have run bounty packages to determine and tackle safety weak spot. Fb, Atomic Pockets, Uniswap, and Fb are prime tech corporations that depend on moral hacking.
For instance, Uniswap launched the largest bug bounty in DeFi, providing as much as $15.5 million for these that may determine safety threats on its v4 good contract. After asserting the profitable bounty program, its UNI token has surged in worth.
Featured picture from Pexels, chart from TradingView