After falling victim to a data breach back in November, OnePlus promised it would launch a bug bounty program by the end of the year in order to further secure its phones.
Now the Chinese smartphone maker has launched its bug bounty program to help prevent future breaches but at this time, only select security researchers will be invited to to look for vulnerabilities in its systems.
OnePlus will also be highlighting the work of the program’s top contributors by updating a leaderboard which will feature the top three contributors on the main page of its bug bounty program.
One Plus bug bounty program
According to a page offering more details on its bug bounty program, OnePlus will pay up to $7,000 for special cases, $750-$1,500 for critical vulnerabilities, $250-$750 for high tier vulnerabilities, $100-$250 for medium tier ones and $50-$100 for low severity bugs.
While the tiers show the level of rewards researchers can expect to receive, it is still unclear as to what the criteria are for each tier. OnePlus just says that the rewards researchers will receive are “determined based on vulnerability severity and actual business impact.”
Just as NordVPN did with its recently launched bug bounty program, OnePlus will also be partnering with HackerOne to launch its program.
The company’s bug bounty program is currently in a private test phase but OnePlus has said that it will launch a public version of the program in 2020.
Source: techradar.com
