Search This Blog

Powered by Blogger.

Blog Archive

Labels

Platforms for hiring “white hackers” may be created in Russia

Positive Technologies plans to launch in Russia an analog of the international vulnerability search platform HackerOne.

 The service should become an intermediary between companies that want to check their information systems for security, and hackers who will receive a reward for hacking them. So, Rostelecom and Positive Technologies became interested in similar vulnerability search projects. But experts doubt the success of the projects: Russian companies, unlike foreign ones, often do not have budgets for such services, and they often simply do not respond to reports of vulnerabilities.

A representative of Positive Technologies said that the company plans to launch a platform in Russia in May 2022 that will become an aggregator of programs for “ethical hackers” to search for vulnerabilities, so-called bug bounty. As part of such programs, hackers receive rewards from companies for vulnerabilities found in their IT networks, systems, and applications.

Now, “white hackers” in most cases are looking for tasks on the international HackerOne platform. The interviewed experts expressed doubts about the advisability of creating a similar Russian service. In particular, Mikhail Sergeev, a leading engineer at CorpSoft24, pointed out that Russian business does not have the necessary budgets, and often large companies that can afford such a service “do not respond to reports of bugs found.”

“Launching a bug bounty program requires additional financial costs and a certain level of maturity of information security processes, which reduces the list of potential customers of such a platform in Russia”, added Ilya Shalenkov, head of the KPMG cybersecurity services group. The demand for such a service by Russian developers implies that they accept the “right to make a mistake.”

In August, it was reported that the Poly Network cryptocurrency platform, which lost several hundred million dollars as a result of hacking, decided to reward the hacker. Poly Network thanked the hacker for hacking the system and stealing $610 million. She offered him a reward of 500 thousand dollars. The statement did not specify in what form the money would be paid. It was also not specified whether the hacker accepted the award.


Share it:

Cyber Security

Russia

Russian Cyber Security