Singapore-based Crypto.com is offering $2 million to anyone who can find and report vulnerabilities as a sign of its confidence in its modern and updated security system. The bounty program is the largest yet for the website and HackerOne, offering open scale, fast payout, and fully compatible with platform standards.
Crypto.com announced its partnership with HackerOne and $2 million bounty program Through a Twitter/X post and company update on December 2nd. This initiative is part of the company’s commitment to enhancing security and compliance and is supported by various certifications, including ISO 27001, ISO 27017, ISO 27019, ISO 22301, ISO 27701, SOC2 Type 2 and PCI DSS 4.0.
In addition to these international certifications, Crypto.com boasts regional certifications, such as Singapore’s Cyber Trust Mark and Data Protection Trust Mark.
Crypto.com upgrades security and rewards program
crypto.com It continues its security partnership with HackerOne, and this month issued a joint statement to upgrade its existing bug bounty program, which now offers rewards of up to $2 million. This is the first time the company’s bounty program has reached this amount, and it is now the largest bug bounty program with HackerOne In and outside encryption.
Today we launched an innovative $2 million bug bounty program @Hacker0x01.
Safety and security are of utmost importance https://t.co/vCNztATkNg – We are proud to support the largest bug bounty program available through HackerOne.
Learn more 👉 https://t.co/qFNWLLtoGN pic.twitter.com/DRdEk9Zex0
— Crypto.com (@cryptocom) December 2, 2024
Company Rewards program Provides tiered bonuses to different types of vulnerabilities based on their severity. For example, the low level (0.1-3.9), which represents 41.67% of submissions, offers a bonus ranging from $200 to $500. Average (4.0-6.9) gets $500 to $5,000, high (7.0-8.9) gets rewards ranging from $5,000 to $40,000, and finally, critical/extreme weaknesses (9.0+) reward $40,000 up to $2 million. .
Crypto.com calls on its users to identify any vulnerabilities and resolve these potential risks before bad actors exploit them. The cryptocurrency company has joined other tech companies in running bug bounties to address online threats.
Finding critical security vulnerabilities is critical for businesses
As one of the leading companies in the cryptocurrency space, Crypto.com serves more than 100 million users from 90 countries. However, its popularity also exposes it to the risk of security threats. The company understands these threats, which is the main reason behind its partnership with HackerOne.
Crypto.com believes that trust is the foundation of the company, which is centered around privacy and security. In a statement, the company prides itself on its “Zero Trust and Defense in Depth” security strategies and continually invests in privacy and security training.
According to Kara Sprague, CEO of HackerOne, finding critical security vulnerabilities is crucial for a company like Crypto.com. It stated that the record bounty amount reflects Crypto.com’s commitment to user protection and supporting ethical hacking.
Other Web 3.0 companies also run rewards programs
Aside from Crypto.com, other leading Web 3.0 websites have run bounty programs for identifying and remediating security vulnerabilities. Facebook, Atomic Wallet, Uniswap, and Facebook are some of the top tech companies that rely on ethical hacking.
For example, Uniswap launched the largest bug bounty in DeFi, offering up to $15.5 million to those who can identify security threats to its v4 smart contract. After the announcement of the lucrative bounty program, the price of its UNI token increased.
Featured image from Pexels, chart from TradingView
Comments are closed, but trackbacks and pingbacks are open.