The program has paid out over $7 million since launching in 2019
Story by James Stephen, UCToday
Zoom paid $3.9 million to bug bounty hunters in fiscal year 2023, which means its Bug Bounty program has now surpassed $7 million in awards.
The program, which began in 2019, calls on the expertise of the ethical hacking community to find vulnerabilities in Zoom’s platform. In return, Zoom pays bounties that average nearly $4.5k per bug, based on its 2021 figures.
To attract professional hackers, Zoom created a private program via the cybersecurity company HackerOne, which Zoom describes as the “industry’s leading provider” for connecting with IT security professionals. It also sought to attract talent through events such as H1-702.
Roy Davis, Security Manager at Zoom, said: “In security, it’s all about who gets there first.
“We race to identify bugs and issues before the bad guys do, so we tap the ethical hacking community to help us get ahead.
“We source this help through our Zoom Bug Bounty program, which lets us connect with and engage expert researchers that help us proactively mitigate risk and create a safer environment for our customers. And we’ve accomplished a lot as a community in the past year.”