Rambler&Co will test its security on the Standoff Bug Bounty platform with the help of white hackers
Rambler&Co expands the bounty hunting program on the Standoff 365 platform and launches it in the APT Bug Bounty format. Now, independent security researchers will try to implement unacceptable events for the company to test the cyber resilience of IT systems. Baghaters will receive 3 million rubles for their implementation.
ART Bug Bounty is Positive Technologies’ approach to testing security against cyber threats, in which independent researchers, 24/7 in a constantly changing infrastructure, assess a company’s security against hacking and try to implement unacceptable events for it.
Evgeny Rudenko
Director of Cyber Security Rambler&Co
APT Bug Bounty is a logical development of our strategy to protect the media holding’s infrastructure. We build an understanding of its most important areas and focus on them. Positive Technologies’ expertise and the Standoff Bug Bounty platform allow us to expand our “partnership” with bug hunters to assess the security of our most valuable assets against targeted attacks.
Rambler&Co offers white hackers to study the company’s business processes and test its infrastructure for strength. The best cyber specialists will look for vectors of penetration into the infrastructure of the media holding and report on the implemented criteria of unacceptable events.
Oleksiy Novikov
Managing Director of Positve Technologies
ART Bug Bounty is an alternative to the red team and the classic pentest, which provides an objective assessment of the company’s security against cyber threats. This approach allows you to assess the effectiveness of the company’s security system and to eliminate vulnerabilities in the shortest possible time.
The Standoff Bug Bounty platform has published a program containing terms and conditions to be followed security researchers will try to identify and implement attack vectors that allow access to contracts, counterparties, objects of intellectual property and personal data of employees and customers of Rambler&Co.
Participants who are the first to successfully implement the unacceptable event criterion and submit a detailed report will receive 3 million rubles. At the first stage, the program will be launched in private mode and available to a limited number of bughunters. To gain access, you must send a request to [email protected].
In addition, Rambler&Co is expanding the core bugbounty program. Researchers are now being asked to look separately at vulnerabilities on the company’s main media assets, sports-themed domains, the Rambler portal, and LiveJournal. In this way, the holding plans to bring the security of its projects to a new level. The amounts of payments for all types of vulnerabilities have also been increased: “low” – up to 5,000 rubles, “medium” – from 5,000 to 35,000 rubles, “high” – from 35,000 to 150,000 rubles, “critical” – up to 500,000 rubles.