Connect with us

Hi, what are you looking for?

Cyber Security

Onfido bug bounty program launched to help shore up ID verification defenses

Digital identity verification company Onfido has launched a new bug bounty program, in partnership with European vulnerability disclosure platform YesWeHack.

The security rewards program will provide Onfido with access to YesWeHack’s community of 40,000 ethical hackers.

According to UK-based Onfido, the partnership comes as part of the company’s continued commitment to pen testing its platform against cyber-threats and delivering secure platform solutions.

Open access

The initiative was launched as Onfido continues to expand its Real Identity Platform to deliver a suite of trusted data sources and identity verification services.

“Together, Onfido and YesWeHack defined the rules for the bug bounty program including the scope of the test, the vulnerabilities that qualify for a reward, and their value,” a press release reads.

Commenting on the partnership, Alex Valle, chief product officer at Onfido, said: “Security and compliance are essential to our mission of creating a more open world, where identity is the key to online access and we are always looking for ways to strengthen this.

“The bug bounty program delivers us gold standard protection from bad actors, identifying and fixing any critical vulnerabilities before they even have a chance to arise.”

Since the beginning of 2022, YesWeHack said it has launched more than 200 new bug bounty programs and hosted several live hacking events.

“Onfido’s goal is to improve and grow the program little by little, by inviting more researchers, increasing the scope and raise the rewards,” a YesWeHack spokesperson told The Daily Swig.

“Switching from private to public is definitely one of their goals as they want to have the best possible coverage on their assets, however the program hasn’t reached that level of maturity yet.”

Source: https://portswigger.net/daily-swig/onfido-bug-bounty-program-launched-to-help-shore-up-id-verification-defenses

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Cyber Security

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch...

Copyright © 2023 Newsworthy News | Global | Political | Local | All News | Website By: Top Search SEO