fbpx

Adobe follows Facebook Footsteps & Launches Vulnerability Disclosure Program

Adobe launches Vulnerability disclosure program for the security researchers to improve the security of its products. On Wednesday the program was launched on HackerOne and the company encourages the security researches from all over the world to contribute in it and report Vulnerabilities.

Adobe was not the first who has launched vulnerability disclosure program for security researchers. Big giants like Facebook, Microsoft, PayPal, Mozila and many other software giants has received hug success after introducing this program. After these bounty programs launch these companies managed to overcome some very severe vulnerabilities in their software and website.

On a blog post the company’s Security program manager Pieter Ockers said that ” In recognition of the important role that independent security researchers play in keeping Adobe customers safe, today Adobe launches a web application vulnerability disclosure program on the HackerOne platform. Bug hunters who identify a web application vulnerability in an Adobe online service or web property can now privately disclose the issue to Adobe while boosting their HackerOne reputation score.”

In its bug disclosure guideline Adobe encourages security researchers to focus on web application vulnerabilities like Cross-site scripting, authentication or authorization flaws, injection vulnerabilities, injection vulnerabilities, information disclosure, Cross-site request forgery in a privileged context, Directory Traversal, Server-side code execution,Significant Security Misconfiguration.

The reward amount has not been disclosed by the Adobe but it is believed the the amount of reward will be decided after the Adobe’s security team asses how severe the vulnerability is. Adobe also says that the researcher should not publicly disclose the vulnerability before reporting it to them.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

What Makes ICS/OT Infrastructure Vulnerable?

Infrastructure security for operational technologies (OT) and industrial control systems (ICS) varies from IT security in several ways, with the inverse confidentiality, integrity, and...

Everything You Must Know About IT/OT Convergence

What is an Operational Technology (OT)? Operational technology (OT) is a technology that primarily monitors and controls physical operations. It can automate and control machines,...

Understand the OT Security and Its Importance

This article discusses OT security and why it is essential for protecting industrial systems from cyberattacks. We will also discuss common control objectives that can...

What is Deepfake, and how does it Affect Cybersecurity?

Producing deepfake is easy. It is hard to detect. They operate with a description of reality rather than reality itself (e.g., a video). Any...