Mozilla is bumping up its bug bounty payouts and has added new websites and services – including the recently deployed Firefox Monitor– to its bug bounty program in hopes of attracting more researchers to sniff out vulnerabilities. The browser-maker is doubling bug bounty payouts for most of its in-scope sites and services, as well as tripling payouts for the highest bug classification in its program, remote code execution vulnerabilities. Researchers can now bring in $15,000 for RCE flaws on “critical websites” (sites and services considered critical to Mozilla operations, which pay out at the highest bounty rate) and $5,000 for “core websites” (which pay out bounties, but at a reduced rate). “Mozilla was one of the first companies to establish a bug bounty program and we continually adjust it so that it stays as relevant now as it always has been,” said Simon Bennetts with Mozilla in a Tuesday announcement. “To celebrate the 15 years of the 1.0 release of Firefox, we are making significant enhancements to the web bug bounty program.” In addition, Mozilla announced that over the past six months, it has added new in-scope “critical websites” and services for its program. This includes: Autograph – a cryptographic signature service that signs Mozilla products. Lando – Mozilla’s automatic code-landing service which allows users to commit Phabricator revisions to their destination repository. Phabricator – a code management tool used for reviewing Firefox code changes….
http://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png 0 0 govanguard http://govanguard.com/wp-content/uploads/2018/04/Header_Logo.png govanguard2019-11-20 16:04:002019-11-20 16:04:00Mozilla Bug Bounty Program Doubles Payouts, Adds Firefox Monitor
Our Standard Office Hours
Monday – Friday: 8:00AM – 5:00PM EDT
Saturday – Sunday: Closed
Where to Find Us
Data Privacy Notice
- – All product names, logos, and brands are property of their respective owners.
- – The use of these names, logos, and brands is for identification purposes only and does not imply endorsement.
- – Content syndication and aggregation of public information is solely for the purpose of identifying information security trends, all syndicated content contains source links to the content creator website. All content is owned by it’s respective content creators.
- – If you are an owner of some content and want it to be removed, please email firstname.lastname@example.org