Offensive Security announced a new bounty program for user generated content. Members of the infosecurity community can now receive cash bounties for submitting vulnerable virtual machines to Offensive Security (OffSec) that are eligible to be incorporated into the Proving Grounds training labs.
OffSec is the only security training provider to offer bounty payments for content submissions, providing tangible rewards to the infosec community and expanding the content available in OffSec’s training labs.
“No matter how much training material you have consumed, the best way to demonstrate that you’ve acquired knowledge is to apply it,” said Ning Wang, CEO, Offensive Security.
“By establishing this bounty program, OffSec is not only strengthening its training programs by incorporating the latest and greatest content from the community, we are offering people the chance to apply their knowledge by creating vulnerable machines and to get paid while doing it.”
Security professionals at all levels make extensive use of user generated machines to improve their skillsets and advance their careers. Many online communities, such as OffSec’s recently acquired VulnHub, exist solely for the purpose of sharing exploitable software with aspiring security professionals for training and development.
Many industry professionals fortify their skillsets and build out their resumes by creating vulnerable systems that others can take advantage of. However these machines have traditionally been given away for free, making it difficult for machine developers to receive true value for their work.
With the new OffSec bounty program, members of the community can submit their exploitable applications through the OffSec portal and receive various cash bounties depending on the quality of the vulnerable system.
If the machine meets OffSec’s criteria, it is incorporated into the OffSec Proving Grounds labs programs, where they remain available for free through PG Play.
Similar to bug bounty programs, the OffSec User Generated Machines program operates on payment tiers whereby different rewards are offered depending on which criteria the machine meets.