Intel has become the latest tech company to launch a bug bounty program.
Intel bug bounty program: What’s in scope and what is not
Intel is looking for bug hunters to deliver information about its software, firmware and hardware, and discovered vulnerabilities in the latter will bring the biggest rewards.
Depending on the vulnerability’s severity, researchers can earn themselves as much as $30,000:
Of course, Intel will be the judge of how severe is each vulnerability.
The company does not want bug hunters to poke into its Web Infrastructure, third-party products and open source programs.
“Recent acquisitions are not in-scope for the bug bounty program for a minimum period of 6 months after the acquisition is complete,” they also noted.
Finally, Intel Security (McAfee) products are also off-limits. Intel has opted to sell its majority stake in Intel Security to US-based private equity firm TPG Capital last September. Once the deal is completed, the new company will revert to using the McAfee name.
Announced at the CanSecWest security conference, the bug bounty program was set up through HackerOne. More information on how to send in vulnerability information can be found here.