Zoom awarded $1.8 million in bug bounty rewards over 2021

Zoom has awarded $1.8 million to researchers who submitted bug bounty reports over 2021. 

Bug bounty programs, whether private and available to invitees-only or public, where anyone can submit a vulnerability report, have become a critical method for organizations to improve their security posture. 

The industry is beset with talent shortages. Estimates suggest that there will be approximately 3.5 million unfilled job openings by 2025 in the US alone, and until there are more specialists available, companies often can’t just rely on in-house security teams, who have more than enough of a workload. 

This is where bug bounties come in: external researchers and bug hunters can perform tests on software and services, report any severe security issues, and receive credit and/or financial rewards in return. 

The popularity of Zoom’s teleconferencing video software exploded overnight due to COVID-19 and lockdowns, with many of us forced to work from home. However, the rapid increase in users also highlighted security problems that had to be addressed quickly. Hence, a bug bounty program was one of the firm’s initiatives for improving the situation. 

Zoom’s main program is private, but the platform actively recruits security researchers. Over 800 researchers participate in the program, which HackerOne hosts. 

Read More: https://www.zdnet.com/article/zoom-awards-1-8-million-in-bug-bounty-rewards-over-2021/#ftag=RSSbaffb68