Adobe follows Facebook Footsteps & Launches Vulnerability Disclosure Program

Adobe launches Vulnerability disclosure program for the security researchers to improve the security of its products. On Wednesday the program was launched on HackerOne and the company encourages the security researches from all over the world to contribute in it and report Vulnerabilities.

Adobe was not the first who has launched vulnerability disclosure program for security researchers. Big giants like Facebook, Microsoft, PayPal, Mozila and many other software giants has received hug success after introducing this program. After these bounty programs launch these companies managed to overcome some very severe vulnerabilities in their software and website.

On a blog post the company's Security program manager Pieter Ockers said that " In recognition of the important role that independent security researchers play in keeping Adobe customers safe, today Adobe launches a web application vulnerability disclosure program on the HackerOne platform. Bug hunters who identify a web application vulnerability in an Adobe online service or web property can now privately disclose the issue to Adobe while boosting their HackerOne reputation score."

In its bug disclosure guideline Adobe encourages security researchers to focus on web application vulnerabilities like Cross-site scripting, authentication or authorization flaws, injection vulnerabilities, injection vulnerabilities, information disclosure, Cross-site request forgery in a privileged context, Directory Traversal, Server-side code execution,Significant Security Misconfiguration.

The reward amount has not been disclosed by the Adobe but it is believed the the amount of reward will be decided after the Adobe's security team asses how severe the vulnerability is. Adobe also says that the researcher should not publicly disclose the vulnerability before reporting it to them.

Adobe follows Facebook Footsteps & Launches Vulnerability Disclosure Program Reviewed by Arif Majeed on 1:40 PM Rating: 5

No comments:

Feel free to ask questions, we love to respond.

All Rights Reserved by The World of IT & Cyber Security: © 2014 - 2015
Powered By Blogger, Designed by Sweetheme

Contact Form


Email *

Message *

Powered by Blogger.