Menu
Dropbox to pay security researchers for bugs

Dropbox to pay security researchers for bugs

Dropbox has not set a maximum reward

Dropbox said on Wednesday it will pay rewards to independent researchers who find software flaws in its applications, joining a growing list companies who see merit in crowdsourcing parts of their security testing.

The popular file storage service previously publicly recognized researchers, but did not pay a reward, also sometimes referred to as a bug bounty.

"In addition to hiring world class experts, we believe it's important to get all the help we can from the security research community, too," wrote Devdatta Akhawe, a Dropbox security engineer.

Facebook, Google, Yahoo and many other large companies pay researchers rewards that are often determined by the seriousness of the software flaw. Running such programs are more efficient than hiring more security engineers since a company's applications are analyzed by a larger number of people with diverse security skills.

Dropbox's program will be run through HackerOne, a company that has a secure platform that manages security vulnerability information and handles disclosure information and rewards.

Eligible programs are Dropbox's mobile applications, the photo viewer Carousel, its desktop client and the Dropbox Core SDK.

The smallest bounty is $US216. Dropbox hasn't set a maximum it will pay, but the largest so far has been $US4913. With the launch of the program, Akhawe wrote Dropbox would retroactively pay $US10,475 to those who reported critical bugs through its previous program.

The details on what bugs are eligible have been posted on Dropbox's HackerOne page.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags dropboxsecurityHackerOneExploits / vulnerabilities

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments