A new Zoom report reveals that in 2021, the company has provided $ 1.8 million to security researchers for assistance in identifying and resolving bugs on Zoom’s platform, through its private ‘Bug Bounty’ program. Zoom is currently working with over 800 security researchers worldwide through HackerOne platform.Since the program was established in 2020, hackers have been awarded over $ 2.4 million as a reward for their work.
Bug Bounty programs are reward and incentive programs that help technology companies strengthen their layer of protection and have in recent years become part of the cyber management and information security strategy at Zoom. Companies pay hackers and experts to test how the security layer can be penetrated in order to detect intrusions in the system and understand what their impact is on users and of course, to know how to deal and what to do to strengthen the protection against future intrusions.
When the Corona broke out in early 2020, the number of participants in Zoom meetings exceeded the 300 million participant threshold per day, within a few months. Protection from evolving and potential cyber threats has become a priority and required a constant strengthening of the security and integrity of the platform to maintain the security of zoom users. The company notes that safe and secure virtual communication is a top priority for Zoom. The confidentiality and completeness of messages and meetings, as well as the availability and reliability of Zoom’s global infrastructure, are the main focus of hundreds of the company’s internal security engineers. In order to prepare for the threats to users and infrastructure, it is critical to build strong defenses and this is the reason for the ongoing examination of the platform and infrastructure to identify threats and vulnerabilities.
Over 800 security researchers
Although Zoom tests its solutions and infrastructure on a daily basis, the company knows that it is important to expand this test by turning to “ethical” hackers to identify vulnerabilities that are difficult to identify.
Zoom’s Bounty Program Photo: Zoom
This is why Zoom has invested in a skilled team of security researchers from around the world through a private debugging program on the platform of HackerOne – the industry’s leading provider of recruiting and contacting security professionals. Zoom has recruited over 800 security researchers on the HackerOne platform. Their collective work has led to the filing of numerous bug reports, and prizes of over $ 2.4 million, branded merchandise and gifts since the program’s launch. In 2021 alone, Zoom provided more than $ 1.8 million to submitters of 401 reports.
At the same time, the company began running a Public Vulnerability Detection Program (VDP), which allowed anyone, not just established security researchers, to submit Zoom vulnerability reports. This move will optimize the reception of reports and allow the right teams in Zoom to be involved quickly, which ultimately leads to faster bug fixes and a more secure product.